{
"CVE_data_type" : "CVE",
"CVE_data_format" : "MITRE",
"CVE_data_version" : "4.0",
"CVE_data_numberOfCVEs" : "26712",
"CVE_data_timestamp" : "2025-08-19T07:01Z",
"CVE_Items" : [ {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0001",
"ASSIGNER" : "secure@intel.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/03/18/2",
"name" : "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/03/18/2",
"name" : "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.kb.cert.org/vuls/id/155143",
"name" : "VU#155143",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.kb.cert.org/vuls/id/155143",
"name" : "VU#155143",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.vicarius.io/vsociety/posts/cve-2022-0001-detect-specter-vulnerability?prevUrl=wizard",
"name" : "https://www.vicarius.io/vsociety/posts/cve-2022-0001-detect-specter-vulnerability?prevUrl=wizard",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.vicarius.io/vsociety/posts/cve-2022-0001-mitigate-specter-vulnerability?prevUrl=wizard",
"name" : "https://www.vicarius.io/vsociety/posts/cve-2022-0001-mitigate-specter-vulnerability?prevUrl=wizard",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9960x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9820x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7640x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5205u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5305u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_j6425:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6305e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5921b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5931b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5962b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2378g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2386g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2388g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11155mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11155mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11555mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11555mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6600he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5905:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5905t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5920:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5925:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g6900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g6900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4504:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d1700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d2700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2314:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2324g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2334:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2336:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2356g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2374g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2378:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10855:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1220p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1240p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12450h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1250p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1260p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12650h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1270p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1280p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mld:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.0,
"impactScore" : 4.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0002",
"ASSIGNER" : "secure@intel.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/03/18/2",
"name" : "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/03/18/2",
"name" : "[oss-security] 20220318 Xen Security Advisory 398 v2 - Multiple speculative security issues",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20220818-0004/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00598.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1005g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_m3-8100y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1065g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1035g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1035g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1035g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9282:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9242:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9222:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_9221:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8280l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8280:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8276l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8276:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8270:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8268:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8260y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8260l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8260:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8256:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8253:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6262v:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6254:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6252n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6252:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6248:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6246:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6244:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6242:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6234:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6226:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6222v:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5222:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5217:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5215l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5215:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4216:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4215:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4214y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4214:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4210:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4209t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4208:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_bronze_3204:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6210u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6212u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6209u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3308:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3336:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3338:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3508:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3538:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3558:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3708:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3750:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3758:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3808:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3850:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3858:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3830:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3950:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3955:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3958:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-9400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_5305u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9960x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_j4205:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_n4200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-a3930:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-a3940:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1030g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1030g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1000g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1000g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1060g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-z8330:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-z8500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x7-z8700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-z8300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9820x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7640x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-z8550:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-z8350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x7-z8750:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5220r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4210r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4214r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_bronze_3206r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6258r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6256:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6250l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6248r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6246r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6242r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6240r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6238r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6230r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6226r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6208u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5218r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4215r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4210t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3338r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3436l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3558r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3758r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5205u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5305u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1110g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1115g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1120g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1125g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1160g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1165g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1185g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_j6425:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_n6415:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j6413:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1180g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1185g7e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1185gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1195g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_n4200e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5317:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5318y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5320h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5320t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6312u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6314u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6326:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6328h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6328hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6330:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6330h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6330n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6334:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6336y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6338:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6338n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6338t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6342:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6346:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6348:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6348h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_6354:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8351n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352v:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8353h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8354h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8356h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8358:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8358p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8360hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8360y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8368:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8368q:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8376h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8376hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8380:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8380h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8380hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4309y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4310t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4314:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_silver_4316:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1115g4e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1115gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_gold_5315y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8352m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8362:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_c3558rc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5921b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5931b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5962b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-a3950:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-a3960:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6305e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6600he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5905:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5905t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5920:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5925:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g6900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g6900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4504:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-1220p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1240p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12450h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1250p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1260p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12650h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1270p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1280p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:puma_7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d1700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d2700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2314:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2324g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2334:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2336:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2356g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2374g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2378:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2378g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2386g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2388g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_platinum_8360h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10855:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11155mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11155mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11555mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11555mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mld:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.0,
"impactScore" : 4.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0003",
"ASSIGNER" : "secure@intel.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is Unused"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2025-05-27T16:15Z",
"lastModifiedDate" : "2025-05-27T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0004",
"ASSIGNER" : "secure@intel.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00613.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Hardware debug modes and processor INIT setting that allow override of locks for some Intel(R) Processors in Intel(R) Boot Guard and Intel(R) TXT may allow an unauthenticated user to potentially enable escalation of privilege via physical access."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-12100_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-12100f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-12100t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-12300t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-12300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-12300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12600t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12600kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12600hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12600k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12600h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12500t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12500h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12450hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12450hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12450h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12450h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12400f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-12400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-12400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12700t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12700kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12700k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12700h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12700f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12700_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12850hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12850hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12800hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12800hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12800h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12650hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12650hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-12650h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-12650h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12950hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12950hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900hx_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900hx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900hk_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-12900_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-12900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-11100b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-11100b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-11100he_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11260h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11300h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11320h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500he_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11370h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11375h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11390h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11600h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11600h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11800h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11850h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11850he_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900kb_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900kb:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11950h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11980hk_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10105_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10105f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10105t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10110u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10110y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10300t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10305_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10305t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10320_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10325_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10980xe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10980hk_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10940x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10920x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10910_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10910:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900te_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10885h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10850k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10850h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10875h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10870h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10850h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10810u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10750h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10710u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700te_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10510u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10510y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10610u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10610u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600kf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10505_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500te_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10310y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10310y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10310u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10310u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10300h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10210y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10210u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10200h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10110y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100f_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100te_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0.60",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8000t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8000t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8020_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8020:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8109u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8120_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8121u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8121u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8130u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8140u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8140u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8145u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8145ue_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8300t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8350k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8200y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8200y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8210y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8250u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8250u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8257u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8257u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8259u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8259u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8260u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8260u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8265u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8265u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8269u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8269u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8279u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8279u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8300h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8305g_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8305g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8310y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8310y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8350u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8350u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8365u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8365u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8365ue_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8365ue:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8400b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8400b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8400h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8420:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8420t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8420t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8500b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8500b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8500t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8550_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8550:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8600k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8600t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8650_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8650:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8650k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8650k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-8700b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-8700b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8086k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8500y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8510y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8510y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8550u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8557u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8559u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8560u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8560u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8565u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8569u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8650u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8665u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8665ue_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8670_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8670:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8670t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8670t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700b_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700k_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8705g_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8706g_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8706g__firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8706g_:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8709g_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8750h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8750hf_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8750hf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8809g_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8850h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-8950hk_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_6305_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_6305e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6305e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_6600he_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_6600he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_4205u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.0.90",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_4205u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_4305u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.0.90",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_4305u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_4305ue_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.0.90",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_4305ue:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j3060_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3060:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j3160_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3160:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j3355_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3355:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j3355e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3355e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j3455_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3455:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j3455e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j3455e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3010_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3010:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3050_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3050:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3060_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3060:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3150_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3150:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3160_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3160:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3350_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3350e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3350e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3450_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3450:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3520_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3520:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n3700_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n3700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j4005_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j4025_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4025:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j4105_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j4115_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4115:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_j4125_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_j4125:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4000c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4000c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4020_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4020:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4020c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4020c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4100_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4120_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4504_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4504:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n4505_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.45",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n4505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2805_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2805:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2806_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2806:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2807_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2807:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2808_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2808:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2810_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2810:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2815_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2815:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2820_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2820:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2830_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2830:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2840_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2840:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2910_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2910:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2920_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2920:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2930_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2930:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n2940_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n2940:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n5095_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5095:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n5100_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n5105_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n6210_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n6210:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n6211_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n6211:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x7-e3950_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x7-e3950:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x5-e3940_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-e3940:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x5-e3930_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x5-e3930:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6200fe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6200fe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6211e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6211e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6212re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6212re:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6413e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6413e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6425e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6425e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6425re_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6425re:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_x6427fe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.40.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_x6427fe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c232_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c232:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c236_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.8.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c236:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c242_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.0.90",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c242:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c246_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.0.90",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c246:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c629_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c629:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c628_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c628:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c627_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c627:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c626_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c626:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c625_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c625:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c624_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c624:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c622_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c622:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c621_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.22.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c621:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.12.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c420:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c422_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.12.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c422:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:x299_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "11.12.92",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:x299:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1300_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1350_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1350p_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1370_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1370p_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1390_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1390p_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1390t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4410y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4410y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4415u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4415u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4415y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4415y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4417u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4417u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4425y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4425y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_5405u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_5405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_6405u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_6405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_6500y_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_6500y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_7505_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g4560_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g4560:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g4600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g4600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g4620_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g4620:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5420_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5420:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5420t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5420t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5500t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5600t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5620_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5620:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400te_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6405_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6405t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6405u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6500_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6500t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6505_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6505t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6600_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6605_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400t_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400te_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.40",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_a1030_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_a1030:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_j5005_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_j5005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_j5040_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_j5040:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_n5000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n5000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_n5030_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n5030:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_n6000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n6000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_silver_n6005_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.50.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_silver_n6005:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_p5921b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5921b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_p5931b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5931b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_p5942b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5942b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:atom_p5962b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:atom_p5962b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c621a_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c621a:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c624a_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c624a:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c627a_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c627a:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:c629a_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:c629a:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-l13g4_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-l13g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-l16g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-l16g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2123it_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2123it:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2141i_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2141i:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2142it_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2142it:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2143it_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2143it:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2145nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2145nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2146nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2146nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2161i_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2161i:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2163it_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2163it:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2166nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2166nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2173it_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2173it:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2177nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2177nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2183it_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2183it:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2187nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2187nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2191_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2191:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2712t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2712t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2733nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2733nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2738_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2738:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2752nte_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2752nte:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2752ter_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2752ter:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2753nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2753nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2766nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2766nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2775te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2775te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2776nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2776nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2779_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2779:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2786nte_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2786nte:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2795nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2795nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2796nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2796nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2796te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2796te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2798nt_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2798nt:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d-2799_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d-2799:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_d2700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_d2700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "PHYSICAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-12T17:15Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0005",
"ASSIGNER" : "secure@intel.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-319"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html",
"name" : "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00614.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5205u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5205u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5305u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5305u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5900_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5900t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5905_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5905:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5905t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5905t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5920_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5920:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_g5925_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_g5925:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n5095_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5095:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n5100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:celeron_n5105_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:celeron_n5105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10100y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10100y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10105_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10105f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10105t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10105t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10110u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10110u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10110y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10110y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10305_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10305t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10305t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10320_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-10325_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-10325:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-11100b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-11100b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-11100he_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-11100he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6006u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6006u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6098p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6098p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6100e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6100e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6100h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6100h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6100te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6100te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6100u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6100u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6102e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6102e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6110u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6110u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6120_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6120t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6120t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6157u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6157u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6167u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6167u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6320_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-6320t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-6320t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7007u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7007u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7020u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7020u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7100e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7100e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7100h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7100h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7100u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7100u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7101e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7101e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7101te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7101te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7102e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7102e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7110u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7110u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7120_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7120t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7120t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7130u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7130u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7167u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7167u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7320_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7320t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7320t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7340_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7340:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7350k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7350k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-7367u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-7367u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8000_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8000t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8000t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8020_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8020:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8109u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8109u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8120_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8120:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8121u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8121u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8130u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8130u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8140u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8140u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8145u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8145u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8145ue_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8145ue:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-8350k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-8350k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9100e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9100e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9100f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9100f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9100hl_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9100hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9100t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9100t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9100te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9100te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9130u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9130u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9300t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9300t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9320_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9320:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9350k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9350k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i3-9350kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i3-9350kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10110y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10110y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10200h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10200h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10210u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10210y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10210y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10300h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10500te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10500te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10505_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-10610u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-10610u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11260h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11260h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11300h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11300h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1130g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1130g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11320h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11320h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1135g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1135g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1140g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1140g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1145g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1145g7e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145g7e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1145gre_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1145gre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500he_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-1155g7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-1155g7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i5-11600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i5-11600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10510u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10510y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10510y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-1060ng7_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-1060ng7:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10610u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10610u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10700te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10700te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10710u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10710u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10750h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10810u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10810u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10850h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10870h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10870h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-10875h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-10875h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11370h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11370h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11375h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11375h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11390h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11390h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11600h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11600h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11800h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11800h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11850h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-11850he_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-11850he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6498du_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6498du:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6500u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6500u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6510u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6510u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6560u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6560u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6567u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6567u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6600u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6600u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6650u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6650u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6660u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6660u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6700hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6700hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6700te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6700te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6770hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6770hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6785r_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6785r:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6800k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6800k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6820eq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6820eq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6820hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6820hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6820hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6820hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6822eq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6822eq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6850_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6850:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6850k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6850k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6870hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6870hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6900k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6920hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6920hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6950x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6950x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-6970hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-6970hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7500u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7500u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7510u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7510u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7560u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7560u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7567u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7567u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7600u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7600u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7640x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7640x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7660u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7660u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7700hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7700hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7740x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7740x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7800x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7820eq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7820eq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7820hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7820hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7820hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7820hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7820x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7820x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-7920hq_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-7920hq:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8086k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8086k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8500y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8500y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8510y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8510y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8550u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8550u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8557u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8557u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8559u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8559u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8560u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8560u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8565u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8565u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8569u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8569u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8650u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8650u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8665u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8665u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8665ue_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8665ue:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8670_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8670:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8670t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8670t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700b_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700b:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8705g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8705g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8706g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8706g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8709g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8709g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8750h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8750hf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8750hf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8809g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8809g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-8850h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-8850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9700te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9700te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9750h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9750h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9750hf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9750hf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9800x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9850h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9850he_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9850he:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7-9850hl_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7-9850hl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i7_8565u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i7_8565u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10850h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10850k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10850k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10885h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10885h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10900x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10900x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10910_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10910:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10920x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10920x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10920x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10940x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10940x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10940x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10980hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-10980xe_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-10980xe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900kb_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900kb:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11900t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11950h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11950h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-11980hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-11980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-7900x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-7920x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-7940x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-7960x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7960x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-7980xe_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-7980xe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-8950hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-8950hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9800x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9800x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9820x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9820x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9880h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9880h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900k_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900kf_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900kf:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900ks_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900ks:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9900x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9900x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9920x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9920x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9920x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9920x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9940x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9940x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9940x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9940x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9960x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9960x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9960x_x-series_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9960x_x-series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9980hk_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9980hk:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:core_i9-9980xe_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:core_i9-9980xe:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4410y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4410y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4415u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4415u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4415y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4415y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4417u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4417u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_4425y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_4425y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_5405u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_5405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_6405u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_6405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_6500y_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_6500y:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_7505_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_7505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g4560_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g4560:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g4600_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g4600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g4620_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g4620:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5400_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5420_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5420:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5420t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5420t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5500_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5600_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5600t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5600t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g5620_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g5620:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6400te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6400te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6405_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6405t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6405u_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6405u:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6500_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6500t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6500t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6505_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6505t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6505t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6600_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6600:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g6605_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g6605:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:pentium_gold_g7400te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:pentium_gold_g7400te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-1105c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-1105c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2104g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2104g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2124_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2124:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2124g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2124g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2126g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2126g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2134_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2134:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2136_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2136:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2144g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2144g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2146g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2146g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2174g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2174g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2176g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2176g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2176m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2176m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2184g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2184g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2186g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2186g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2186m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2186m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2224_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2224:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2224g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2224g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2226g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2226g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2226ge_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2226ge:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2234_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2234:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2236_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2236:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2244g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2244g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2246g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2246g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2254me_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2254me:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2254ml_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2254ml:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2274g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2274g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2276g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2276g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2276m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2276m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2276me_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2276me:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2276ml_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2276ml:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2278g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2278ge_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278ge:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2278gel_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2278gel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2284g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2284g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2286g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2286g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2286m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2286m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2288g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2288g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2314_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2314:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2324g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2324g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2334_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2334:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2336_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2336:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2356g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2356g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2374g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2374g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2378_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2378:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2378g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2378g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2386g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2386g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_e-2388g_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_e-2388g:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-10855_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10855:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-10855m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10855m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-10885m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-10885m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11155mle_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11155mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11155mre_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11155mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11555mle_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11555mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11555mre_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11555mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11855m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11855m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11865mld_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mld:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11865mle_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mle:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11865mre_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11865mre:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-11955m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-11955m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1250_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1250e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1250p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1250te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1250te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1270_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1270e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1270p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1270te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1270te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1290_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1290e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1290p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1290t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1290te_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1290te:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1350_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1350p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1350p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1370_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1370p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1370p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1390_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1390p_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-1390t_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-1390t:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2102_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2102:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2104_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2104:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2123_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2123:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2125_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2125:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2133_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2133:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2135_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2135:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2145_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2145:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2155_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2155:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2175_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2175:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2195_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2195:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2223_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2223:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2225_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2225:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2235_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2235:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2245_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2245:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2255_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2255:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2265_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2265:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2275_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2275:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-2295_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-2295:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3175x_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3175x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3223_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3223:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3225_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3225:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3235_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3235:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3245_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3245:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3245m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3245m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3265_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3265:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3265m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3265m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3275_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3275:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3275m_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3275m:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3323_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3323:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3335_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3335:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3345_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3345:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3365_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3365:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:intel:xeon_w-3375_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:intel:xeon_w-3375:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "PHYSICAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.4,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 0.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-12T17:15Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0010",
"ASSIGNER" : "cybersecurity@ch.abb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-532"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.108646530.1437951308.1684739395-1142547495.1678209228",
"name" : "https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.108646530.1437951308.1684739395-1142547495.1678209228",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.108646530.1437951308.1684739395-1142547495.1678209228",
"name" : "https://search.abb.com/library/Download.aspx?DocumentID=3BUS221709&LanguageCode=en&DocumentPartId=&Action=Launch&_ga=2.108646530.1437951308.1684739395-1142547495.1678209228",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools.\n\n\nAn attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. \n\nThis issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:abb:platform_engineering_tools:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.0.0",
"versionEndIncluding" : "2.3.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:qcs_800xa_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.0.0",
"versionEndIncluding" : "5.1.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:qcs_800xa_firmware:5.1.0:sp2:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:qcs_800xa:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:qcs_ac450_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.0.0",
"versionEndIncluding" : "6.1.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:qcs_ac450_firmware:6.1.0:sp2:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:qcs_ac450:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2023-05-22T08:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0011",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-436"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0011",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0011",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0011",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0011",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "PAN-OS software provides options to exclude specific websites from URL category enforcement and those websites are blocked or allowed (depending on your rules) regardless of their associated URL category. This is done by creating a custom URL category list or by using an external dynamic list (EDL) in a URL Filtering profile. When the entries in these lists have a hostname pattern that does not end with a forward slash (/) or a hostname pattern that ends with an asterisk (*), any URL that starts with the specified pattern is considered a match. Entries with a caret (^) at the end of a hostname pattern match any top level domain. This may inadvertently allow or block more URLs than intended and allowing more URLs than intended represents a security risk. For example: example.com will match example.com.website.test example.com.* will match example.com.website.test example.com.^ will match example.com.test You should take special care when using such entries in policy rules that allow traffic. Where possible, use the exact list of hostname names ending with a forward slash (/) instead of using wildcards. PAN-OS 10.1 versions earlier than PAN-OS 10.1.3; PAN-OS 10.0 versions earlier than PAN-OS 10.0.8; PAN-OS 9.1 versions earlier than PAN-OS 9.1.12; all PAN-OS 9.0 versions; PAN-OS 8.1 versions earlier than PAN-OS 8.1.21, and Prisma Access 2.2 and 2.1 versions do not allow customers to change this behavior without changing the URL category list or EDL."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "10.0.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.1.0",
"versionEndExcluding" : "10.1.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.1.0",
"versionEndExcluding" : "8.1.21",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.1.0",
"versionEndExcluding" : "9.1.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.0.0",
"versionEndIncluding" : "9.0.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:prisma_access:2.1:*:*:*:preferred:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:prisma_access:2.1:*:*:*:innovation:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:prisma_access:2.2:*:*:*:preferred:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0012",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-59"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0012",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0012",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0012",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0012",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper link resolution before file access vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables a local user to delete arbitrary system files and impact the system integrity or cause a denial of service condition. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.0",
"versionEndExcluding" : "5.0.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.1",
"versionEndExcluding" : "6.1.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.2",
"versionEndExcluding" : "7.2.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.3",
"versionEndExcluding" : "7.3.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 3.6
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-12T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0013",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0013",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0013",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0013",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0013",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A file information exposure vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker to read the contents of arbitrary files on the system with elevated privileges when generating a support file. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.0",
"versionEndExcluding" : "5.0.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.1",
"versionEndExcluding" : "6.1.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.2",
"versionEndExcluding" : "7.2.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.3",
"versionEndExcluding" : "7.3.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-12T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0014",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-426"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0014",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0014",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0014",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0014",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An untrusted search path vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables a local attacker with file creation privilege in the Windows root directory (such as C:\\) to store a program that can then be unintentionally executed by another local user when that user utilizes a Live Terminal session. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9; Cortex XDR agent 7.2 versions earlier than Cortex XDR agent 7.2.4; Cortex XDR agent 7.3 versions earlier than Cortex XDR agent 7.3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.0",
"versionEndExcluding" : "5.0.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.1",
"versionEndExcluding" : "6.1.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.2",
"versionEndExcluding" : "7.2.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.3",
"versionEndExcluding" : "7.3.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.3,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.3,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 6.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-12T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0015",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-427"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0015",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0015",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0015",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0015",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent that enables an authenticated local user to execute programs with elevated privileges. This issue impacts: Cortex XDR agent 5.0 versions earlier than Cortex XDR agent 5.0.12; Cortex XDR agent 6.1 versions earlier than Cortex XDR agent 6.1.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.1",
"versionEndExcluding" : "6.1.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.0",
"versionEndExcluding" : "5.0.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-12T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0016",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-755"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0016",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0016",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0016",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0016",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper handling of exceptional conditions vulnerability exists within the Connect Before Logon feature of the Palo Alto Networks GlobalProtect app that enables a local attacker to escalate to SYSTEM or root privileges when authenticating with Connect Before Logon under certain circumstances. This issue impacts GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS. This issue does not affect the GlobalProtect app on other platforms."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.2",
"versionEndExcluding" : "5.2.9",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 6.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0017",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-59"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0017",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0017",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0017",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0017",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper link resolution before file access ('link following') vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that enables a local attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges under certain circumstances. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows. GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.5 on Windows. This issue does not affect GlobalProtect app on other platforms."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.1",
"versionEndExcluding" : "5.1.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.2",
"versionEndExcluding" : "5.2.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 6.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0018",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0018",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0018",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0018",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0018",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An information exposure vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows and MacOS where the credentials of the local user account are sent to the GlobalProtect portal when the Single Sign-On feature is enabled in the GlobalProtect portal configuration. This product behavior is intentional and poses no security risk when connecting to trusted GlobalProtect portals configured to use the same Single Sign-On credentials both for the local user account as well as the GlobalProtect login. However when the credentials are different, the local account credentials are inadvertently sent to the GlobalProtect portal for authentication. A third party MITM type of attacker cannot see these credentials in transit. This vulnerability is a concern where the GlobalProtect app is deployed on Bring-your-Own-Device (BYOD) type of clients with private local user accounts or GlobalProtect app is used to connect to different organizations. Fixed versions of GlobalProtect app have an app setting to prevent the transmission of the user's local user credentials to the target GlobalProtect portal regardless of the portal configuration. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Windows and MacOS; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.9 on Windows and MacOS This issue does not affect GlobalProtect app on other platforms."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.1",
"versionEndExcluding" : "5.1.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.2",
"versionEndExcluding" : "5.2.9",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "HIGH",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.6
},
"severity" : "LOW",
"exploitabilityScore" : 4.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0019",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-522"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0019",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0019",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0019",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0019",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An insufficiently protected credentials vulnerability exists in the Palo Alto Networks GlobalProtect app on Linux that exposes the hashed credentials of GlobalProtect users that saved their password during previous GlobalProtect app sessions to other local users on the system. The exposed credentials enable a local attacker to authenticate to the GlobalProtect portal or gateway as the target user without knowing of the target user’s plaintext password. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.10 on Linux. GlobalProtect app 5.2 versions earlier than and including GlobalProtect app 5.2.7 on Linux. GlobalProtect app 5.3 versions earlier than GlobalProtect app 5.3.2 on Linux. This issue does not affect the GlobalProtect app on other platforms."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.1",
"versionEndExcluding" : "5.1.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.2",
"versionEndIncluding" : "5.2.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.3",
"versionEndExcluding" : "5.3.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 1.9
},
"severity" : "LOW",
"exploitabilityScore" : 3.4,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0020",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/171782/Palo-Alto-Cortex-XSOAR-6.5.0-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/171782/Palo-Alto-Cortex-XSOAR-6.5.0-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "http://packetstormsecurity.com/files/171782/Palo-Alto-Cortex-XSOAR-6.5.0-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/171782/Palo-Alto-Cortex-XSOAR-6.5.0-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0020",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0020",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0020",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0020",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators who encounter the payload during normal operations. This issue impacts: All builds of Cortex XSOAR 6.1.0; Cortex XSOAR 6.2.0 builds earlier than build 1958888."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:1016923:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:1031903:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:848144:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:1077664:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:1271082:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:1321594:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:1473927:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:1209934:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:1271079:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:1578666:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:1822745:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0021",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-532"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0021",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0021",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0021",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0021",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An information exposure through log file vulnerability exists in the Palo Alto Networks GlobalProtect app on Windows that logs the cleartext credentials of the connecting GlobalProtect user when authenticating using Connect Before Logon feature. This issue impacts GlobalProtect App 5.2 versions earlier than 5.2.9 on Windows. This issue does not affect the GlobalProtect app on other platforms."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:globalprotect:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.2",
"versionEndExcluding" : "5.2.9",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 1.9
},
"severity" : "LOW",
"exploitabilityScore" : 3.4,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0022",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-916"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0022",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0022",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0022",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0022",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computational effort, which allows for password cracking attacks on accounts in normal (non-FIPS-CC) operational mode. An attacker must have access to the account password hashes to take advantage of this weakness and can acquire those hashes if they are able to gain access to the PAN-OS software configuration. Fixed versions of PAN-OS software use a secure cryptographic algorithm for account password hashes. This issue does not impact Prisma Access firewalls. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.21; All versions of PAN-OS 9.0; PAN-OS 9.1 versions earlier than PAN-OS 9.1.11; PAN-OS 10.0 versions earlier than PAN-OS 10.0.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.1.0",
"versionEndExcluding" : "9.1.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "10.0.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.1.0",
"versionEndExcluding" : "8.1.21",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.0.0",
"versionEndIncluding" : "9.0.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-09T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0023",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-755"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0023",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0023",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0023",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0023",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper handling of exceptional conditions vulnerability exists in the DNS proxy feature of Palo Alto Networks PAN-OS software that enables a meddler-in-the-middle (MITM) to send specifically crafted traffic to the firewall that causes the service to restart unexpectedly. Repeated attempts to send this request result in denial-of-service to all PAN-OS services by restarting the device in maintenance mode. This issue does not impact Panorama appliances and Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.22; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5. This issue does not impact PAN-OS 10.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "10.0.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.1.0",
"versionEndExcluding" : "9.1.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.0.0",
"versionEndExcluding" : "9.0.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.1.0",
"versionEndExcluding" : "8.1.22",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.1.0",
"versionEndExcluding" : "10.1.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-13T19:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0024",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0024",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0024",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0024",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0024",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability exists in Palo Alto Networks PAN-OS software that enables an authenticated network-based PAN-OS administrator to upload a specifically created configuration that disrupts system processes and potentially execute arbitrary code with root privileges when the configuration is committed on both hardware and virtual firewalls. This issue does not impact Panorama appliances or Prisma Access customers. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.23; PAN-OS 9.0 versions earlier than PAN-OS 9.0.16; PAN-OS 9.1 versions earlier than PAN-OS 9.1.13; PAN-OS 10.0 versions earlier than PAN-OS 10.0.10; PAN-OS 10.1 versions earlier than PAN-OS 10.1.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "10.0.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.1.0",
"versionEndExcluding" : "9.1.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.0.0",
"versionEndExcluding" : "9.0.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.1.0",
"versionEndExcluding" : "10.1.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.1.0",
"versionEndExcluding" : "8.1.23",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-11T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0025",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-427"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0025",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0025",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0025",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0025",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\\) to execute a program with elevated privileges. This issue impacts: All versions of the Cortex XDR agent when upgrading to Cortex XDR agent 7.7.0 on Windows; Cortex XDR agent 7.7.0 without content update 500 or a later version on Windows. This issue does not impact other platforms or other versions of the Cortex XDR agent."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.7.0",
"versionEndExcluding" : "7.7.1.62043",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-11T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0026",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0026",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0026",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0026",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0026",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A local privilege escalation (PE) vulnerability exists in Palo Alto Networks Cortex XDR agent software on Windows that enables an authenticated local user with file creation privilege in the Windows root directory (such as C:\\) to execute a program with elevated privileges. This issue impacts all versions of Cortex XDR agent without content update 330 or a later content update version."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.4:hotfix:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:hotfix:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.5:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.6:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.7:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.8:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.9:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:6.1.9:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.1:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.1:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.2:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.2:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.3:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.3:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.4:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.4.4:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5:-:*:*:content_engine:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.1:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.1:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.2:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.2:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.3:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.3:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.1:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.1:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.2:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.6.2:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7.1:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.7.1:content_update330:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-11T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0027",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0027",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0027",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0027",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0027",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables authenticated users in non-Read-Only groups to generate an email report that contains summary information about all incidents in the Cortex XSOAR instance, including incidents to which the user does not have access. This issue impacts: All versions of Cortex XSOAR 6.1; All versions of Cortex XSOAR 6.2; All versions of Cortex XSOAR 6.5; Cortex XSOAR 6.6 versions earlier than Cortex XSOAR 6.6.0 build 6.6.0.2585049."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.2.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.1.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.6.0",
"versionEndExcluding" : "6.6.0.2585049",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-11T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0028",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0028",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0028",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0028",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0028",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.0.0",
"versionEndExcluding" : "9.0.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.1.0",
"versionEndExcluding" : "8.1.23",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "10.0.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.1.0",
"versionEndExcluding" : "10.1.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.1.0",
"versionEndExcluding" : "9.1.14",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.2.2:h1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.2.0",
"versionEndExcluding" : "10.2.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:8.1.23:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:9.0.16:h2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:9.1.14:h1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.0.11:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:10.1.6:h3:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 8.6,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 4.0
}
},
"publishedDate" : "2022-08-10T16:15Z",
"lastModifiedDate" : "2025-02-07T15:03Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0029",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-59"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0029",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0029",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0029",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0029",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.0",
"versionEndExcluding" : "5.0.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:critical_environment:*:*:*",
"versionStartIncluding" : "7.5",
"versionEndExcluding" : "7.5.101",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.7",
"versionEndExcluding" : "7.7.3",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-09-14T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0030",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-290"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0030",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0030",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0030",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0030",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to impersonate an existing PAN-OS administrator and perform privileged actions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.1.0",
"versionEndExcluding" : "8.1.24",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.2,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-10-12T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0031",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-345"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0031",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0031",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.paloaltonetworks.com/CVE-2022-0031",
"name" : "https://security.paloaltonetworks.com/CVE-2022-0031",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system allows a local attacker with shell access to the engine to execute programs with elevated privileges."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:2102531:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:2410815:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.5.0:2583817:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:2585049:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:2889656:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:3049220:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.6.0:3124193:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:paloaltonetworks:cortex_xsoar:6.8.0:3261002:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-11-09T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0070",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://alas.aws.amazon.com/cve/html/CVE-2022-0070.html",
"name" : "https://alas.aws.amazon.com/cve/html/CVE-2022-0070.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://alas.aws.amazon.com/cve/html/CVE-2022-0070.html",
"name" : "https://alas.aws.amazon.com/cve/html/CVE-2022-0070.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"name" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"name" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:amazon:log4jhotpatch:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.1-16",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.0,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-19T23:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0071",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/bottlerocket-os/hotdog/security/advisories/GHSA-jr96-7frv-3mpj",
"name" : "https://github.com/bottlerocket-os/hotdog/security/advisories/GHSA-jr96-7frv-3mpj",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/bottlerocket-os/hotdog/security/advisories/GHSA-jr96-7frv-3mpj",
"name" : "https://github.com/bottlerocket-os/hotdog/security/advisories/GHSA-jr96-7frv-3mpj",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"name" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"name" : "https://unit42.paloaltonetworks.com/aws-log4shell-hot-patch-vulnerabilities",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hotdog_project:hotdog:*:*:*:*:*:java:*:*",
"versionEndExcluding" : "1.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.0,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-19T23:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0072",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-22"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/src/main/httpserver.cpp#L2060-L2061",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/src/main/httpserver.cpp#L2060-L2061",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/src/main/httpserver.cpp#L2060-L2061",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/src/main/httpserver.cpp#L2060-L2061",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/src/main/httpserver.cpp#L2060-L2061",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/src/main/httpserver.cpp#L2060-L2061",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/src/main/httpserver.cpp#L2060-L2061",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/src/main/httpserver.cpp#L2060-L2061",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.6.5",
"versionEndIncluding" : "1.6.20.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.7.0",
"versionEndExcluding" : "1.7.16.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:litespeedtech:openlitespeed:1.5.12:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:litespeedtech:openlitespeed:1.5.11:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
}
},
"publishedDate" : "2022-10-27T20:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0073",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/dist/admin/html.open/lib/CValidation.php#L565",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/dist/admin/html.open/lib/CValidation.php#L565",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/dist/admin/html.open/lib/CValidation.php#L565",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/dist/admin/html.open/lib/CValidation.php#L565",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/dist/admin/html.open/lib/CValidation.php#L565",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/dist/admin/html.open/lib/CValidation.php#L565",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/dist/admin/html.open/lib/CValidation.php#L565",
"name" : "https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/dist/admin/html.open/lib/CValidation.php#L565",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Input Validation vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Command Injection. This affects 1.7.0 versions before 1.7.16.1.\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.7.0",
"versionEndIncluding" : "1.7.16.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-10-27T20:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0074",
"ASSIGNER" : "psirt@paloaltonetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-426"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29",
"name" : "https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29",
"name" : "https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.6.15",
"versionEndExcluding" : "1.7.16.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-10-27T20:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0079",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/e43df0a190f68aefa272507d3bd54475f566c1db",
"name" : "https://github.com/star7th/showdoc/commit/e43df0a190f68aefa272507d3bd54475f566c1db",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/e43df0a190f68aefa272507d3bd54475f566c1db",
"name" : "https://github.com/star7th/showdoc/commit/e43df0a190f68aefa272507d3bd54475f566c1db",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b37f0e26-355a-4d50-8495-a567c10828ee",
"name" : "https://huntr.dev/bounties/b37f0e26-355a-4d50-8495-a567c10828ee",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b37f0e26-355a-4d50-8495-a567c10828ee",
"name" : "https://huntr.dev/bounties/b37f0e26-355a-4d50-8495-a567c10828ee",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "showdoc is vulnerable to Generation of Error Message Containing Sensitive Information"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-03T03:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0080",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6",
"name" : "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6",
"name" : "https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e",
"name" : "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e",
"name" : "https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "mruby is vulnerable to Heap-based Buffer Overflow"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-02T12:15Z",
"lastModifiedDate" : "2025-05-22T15:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0083",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/fbed8728be59040a7218610e72f6eceb5f8bc152",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/fbed8728be59040a7218610e72f6eceb5f8bc152",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/fbed8728be59040a7218610e72f6eceb5f8bc152",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/fbed8728be59040a7218610e72f6eceb5f8bc152",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4c477440-3b03-42eb-a6e2-a31b55090736",
"name" : "https://huntr.dev/bounties/4c477440-3b03-42eb-a6e2-a31b55090736",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4c477440-3b03-42eb-a6e2-a31b55090736",
"name" : "https://huntr.dev/bounties/4c477440-3b03-42eb-a6e2-a31b55090736",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.91",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-04T07:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0084",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-770"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0084",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0084",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0084",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0084",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064226",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064226",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064226",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064226",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://github.com/xnio/xnio/commit/fdefb3b8b715d33387cadc4d48991fb1989b0c12",
"name" : "https://github.com/xnio/xnio/commit/fdefb3b8b715d33387cadc4d48991fb1989b0c12",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/xnio/xnio/commit/fdefb3b8b715d33387cadc4d48991fb1989b0c12",
"name" : "https://github.com/xnio/xnio/commit/fdefb3b8b715d33387cadc4d48991fb1989b0c12",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/xnio/xnio/pull/291",
"name" : "https://github.com/xnio/xnio/pull/291",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/xnio/xnio/pull/291",
"name" : "https://github.com/xnio/xnio/pull/291",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows an attacker to send flawed requests to a server, possibly causing log contention-related performance concerns or an unwanted disk fill-up."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:integration_camel_k:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:integration_camel_quarkus:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:xnio:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.8.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0085",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dompdf/dompdf/commit/bb1ef65011a14730b7cfbe73506b4bb8a03704bd",
"name" : "https://github.com/dompdf/dompdf/commit/bb1ef65011a14730b7cfbe73506b4bb8a03704bd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dompdf/dompdf/commit/bb1ef65011a14730b7cfbe73506b4bb8a03704bd",
"name" : "https://github.com/dompdf/dompdf/commit/bb1ef65011a14730b7cfbe73506b4bb8a03704bd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/73dbcc78-5ba9-492f-9133-13bbc9f31236",
"name" : "https://huntr.dev/bounties/73dbcc78-5ba9-492f-9133-13bbc9f31236",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/73dbcc78-5ba9-492f-9133-13bbc9f31236",
"name" : "https://huntr.dev/bounties/73dbcc78-5ba9-492f-9133-13bbc9f31236",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dompdf_project:dompdf:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-28T15:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0086",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/transloadit/uppy/commit/fc137e30a2a3102eb191141f280d5de20dacdf8f",
"name" : "https://github.com/transloadit/uppy/commit/fc137e30a2a3102eb191141f280d5de20dacdf8f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/transloadit/uppy/commit/fc137e30a2a3102eb191141f280d5de20dacdf8f",
"name" : "https://github.com/transloadit/uppy/commit/fc137e30a2a3102eb191141f280d5de20dacdf8f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c1c03ef6-3f18-4976-a9ad-08c251279122",
"name" : "https://huntr.dev/bounties/c1c03ef6-3f18-4976-a9ad-08c251279122",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c1c03ef6-3f18-4976-a9ad-08c251279122",
"name" : "https://huntr.dev/bounties/c1c03ef6-3f18-4976-a9ad-08c251279122",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "uppy is vulnerable to Server-Side Request Forgery (SSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:transloadit:uppy:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "2.3.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-04T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0087",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38",
"name" : "https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38",
"name" : "https://github.com/keystonejs/keystone/commit/96bf833a23b1a0a5d365cf394467a943cc481b38",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e",
"name" : "https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e",
"name" : "https://huntr.dev/bounties/c9d7374f-2cb9-4bac-9c90-a965942f413e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "keystone is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0088",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59",
"name" : "https://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59",
"name" : "https://github.com/yourls/yourls/commit/1de256d8694b0ec7d4df2ac1d5976d4055e09d59",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29",
"name" : "https://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29",
"name" : "https://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls prior to 1.8.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:yourls:yourls:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.8.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.4,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 4.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-03T09:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0090",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0090.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0090.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0090.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0090.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitaly/-/issues/3948",
"name" : "https://gitlab.com/gitlab-org/gitaly/-/issues/3948",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitaly/-/issues/3948",
"name" : "https://gitlab.com/gitlab-org/gitaly/-/issues/3948",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/1415964",
"name" : "https://hackerone.com/reports/1415964",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://hackerone.com/reports/1415964",
"name" : "https://hackerone.com/reports/1415964",
"refsource" : "",
"tags" : [ "Permissions Required" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab is configured in a way that it doesn't ignore replacement references with git sub-commands, allowing a malicious user to spoof the contents of their commits in the UI."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0093",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0093.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0093.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0093.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0093.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/343247",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/343247",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/343247",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/343247",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/1348738",
"name" : "https://hackerone.com/reports/1348738",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://hackerone.com/reports/1348738",
"name" : "https://hackerone.com/reports/1348738",
"refsource" : "",
"tags" : [ "Permissions Required" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab allows a user with an expired password to access sensitive information through RSS feeds."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0094",
"ASSIGNER" : "secure@dell.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2023-05-12T05:15Z",
"lastModifiedDate" : "2023-11-07T03:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0095",
"ASSIGNER" : "secure@dell.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2023-05-12T05:15Z",
"lastModifiedDate" : "2023-11-07T03:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0096",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1275020",
"name" : "https://crbug.com/1275020",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1275020",
"name" : "https://crbug.com/1275020",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Storage in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0097",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1117173",
"name" : "https://crbug.com/1117173",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1117173",
"name" : "https://crbug.com/1117173",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in DevTools in Google Chrome prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to to potentially allow extension to escape the sandbox via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0098",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273609",
"name" : "https://crbug.com/1273609",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273609",
"name" : "https://crbug.com/1273609",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Screen Capture in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gestures."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0099",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1245629",
"name" : "https://crbug.com/1245629",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1245629",
"name" : "https://crbug.com/1245629",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Sign-in in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gestures to potentially exploit heap corruption via specific user gesture."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0100",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1238209",
"name" : "https://crbug.com/1238209",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1238209",
"name" : "https://crbug.com/1238209",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in Media streams API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0101",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1249426",
"name" : "https://crbug.com/1249426",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1249426",
"name" : "https://crbug.com/1249426",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in Bookmarks in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via specific user gesture."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0102",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-843"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1260129",
"name" : "https://crbug.com/1260129",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1260129",
"name" : "https://crbug.com/1260129",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Type confusion in V8 in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0103",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1272266",
"name" : "https://crbug.com/1272266",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1272266",
"name" : "https://crbug.com/1272266",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in SwiftShader in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0104",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273661",
"name" : "https://crbug.com/1273661",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273661",
"name" : "https://crbug.com/1273661",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in ANGLE in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0105",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274376",
"name" : "https://crbug.com/1274376",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274376",
"name" : "https://crbug.com/1274376",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in PDF Accessibility in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0106",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278960",
"name" : "https://crbug.com/1278960",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278960",
"name" : "https://crbug.com/1278960",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker who convinced a user to perform specific user gesture to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0107",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1248438",
"name" : "https://crbug.com/1248438",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1248438",
"name" : "https://crbug.com/1248438",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in File Manager API in Google Chrome on Chrome OS prior to 97.0.4692.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0108",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-346"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2023/04/21/3",
"name" : "[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2023/04/21/3",
"name" : "[oss-security] 20230421 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0003",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1248444",
"name" : "https://crbug.com/1248444",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1248444",
"name" : "https://crbug.com/1248444",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html",
"name" : "[debian-lts-announce] 20230512 [SECURITY] [DLA 3419-1] webkit2gtk security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html",
"name" : "[debian-lts-announce] 20230512 [SECURITY] [DLA 3419-1] webkit2gtk security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/",
"name" : "FEDORA-2023-a4bbf02a57",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OKKVEUQAAGH3NHMX3WHWKRPYU4QFKTQ/",
"name" : "FEDORA-2023-a4bbf02a57",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/",
"name" : "FEDORA-2023-5b61346bbe",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/",
"name" : "FEDORA-2023-5b61346bbe",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/",
"name" : "FEDORA-2023-8900b35c6f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/",
"name" : "FEDORA-2023-8900b35c6f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5396",
"name" : "DSA-5396",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5396",
"name" : "DSA-5396",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5397",
"name" : "DSA-5397",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5397",
"name" : "DSA-5397",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0109",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1261689",
"name" : "https://crbug.com/1261689",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1261689",
"name" : "https://crbug.com/1261689",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0110",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-1021"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1237310",
"name" : "https://crbug.com/1237310",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1237310",
"name" : "https://crbug.com/1237310",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incorrect security UI in Autofill in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0111",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-346"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1241188",
"name" : "https://crbug.com/1241188",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1241188",
"name" : "https://crbug.com/1241188",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to incorrectly set origin via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0112",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1255713",
"name" : "https://crbug.com/1255713",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1255713",
"name" : "https://crbug.com/1255713",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incorrect security UI in Browser UI in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to display missing URL or incorrect URL via a crafted URL."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0113",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-346"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1039885",
"name" : "https://crbug.com/1039885",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1039885",
"name" : "https://crbug.com/1039885",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0114",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1267627",
"name" : "https://crbug.com/1267627",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1267627",
"name" : "https://crbug.com/1267627",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out of bounds memory access in Blink Serial API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page and virtual serial port driver."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0115",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-908"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1268903",
"name" : "https://crbug.com/1268903",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1268903",
"name" : "https://crbug.com/1268903",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0116",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1272250",
"name" : "https://crbug.com/1272250",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1272250",
"name" : "https://crbug.com/1272250",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0117",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1115847",
"name" : "https://crbug.com/1115847",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1115847",
"name" : "https://crbug.com/1115847",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0118",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1238631",
"name" : "https://crbug.com/1238631",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1238631",
"name" : "https://crbug.com/1238631",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0120",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-346"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1262953",
"name" : "https://crbug.com/1262953",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1262953",
"name" : "https://crbug.com/1262953",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PAGL5M2KGYPN3VEQCRJJE6NA7D5YG5X/",
"name" : "FEDORA-2022-d1a15f9cdb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"name" : "FEDORA-2022-49b52819a4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MRWRAXAFR3JR7XCFWTHC2KALSZKWACCE/",
"name" : "FEDORA-2022-57923346cf",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T00:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0121",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hoppscotch/hoppscotch/commit/86ef1a4e143ea5bb0c7b309574127cc39d4faa74",
"name" : "https://github.com/hoppscotch/hoppscotch/commit/86ef1a4e143ea5bb0c7b309574127cc39d4faa74",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hoppscotch/hoppscotch/commit/86ef1a4e143ea5bb0c7b309574127cc39d4faa74",
"name" : "https://github.com/hoppscotch/hoppscotch/commit/86ef1a4e143ea5bb0c7b309574127cc39d4faa74",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b70a6191-8226-4ac6-b817-cae7332a68ee",
"name" : "https://huntr.dev/bounties/b70a6191-8226-4ac6-b817-cae7332a68ee",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b70a6191-8226-4ac6-b817-cae7332a68ee",
"name" : "https://huntr.dev/bounties/b70a6191-8226-4ac6-b817-cae7332a68ee",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hoppscotch hoppscotch/hoppscotch.This issue affects hoppscotch/hoppscotch before 2.1.1.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hoppscotch:hoppscotch:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.1,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-06T03:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0122",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e",
"name" : "https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e",
"name" : "https://github.com/digitalbazaar/forge/commit/db8016c805371e72b06d8e2edfe0ace0df934a5e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae",
"name" : "https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae",
"name" : "https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "forge is vulnerable to URL Redirection to Untrusted Site"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:digitalbazaar:forge:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-06T05:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0123",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-295"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0123.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0123.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0123.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0123.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/296632",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/296632",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/296632",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/296632",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab does not validate SSL certificates for some of external CI services which makes it possible to perform MitM attacks on connections to these external services."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.6,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0124",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0124.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0124.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0124.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0124.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/340176",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/340176",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/340176",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/340176",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/1310778",
"name" : "https://hackerone.com/reports/1310778",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://hackerone.com/reports/1310778",
"name" : "https://hackerone.com/reports/1310778",
"refsource" : "",
"tags" : [ "Permissions Required" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. Gitlab's Slack integration is incorrectly validating user input and allows to craft malicious URLs that are sent to slack."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0125",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0125.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0125.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0125.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0125.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/345564",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/345564",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/345564",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/345564",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/1356100",
"name" : "https://hackerone.com/reports/1356100",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://hackerone.com/reports/1356100",
"name" : "https://hackerone.com/reports/1356100",
"refsource" : "",
"tags" : [ "Permissions Required" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not verifying that a maintainer of a project had the right access to import members from a target project."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0128",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Jul/14",
"name" : "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Jul/14",
"name" : "20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Mar/29",
"name" : "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Mar/29",
"name" : "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/35",
"name" : "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/35",
"name" : "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a",
"name" : "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a",
"name" : "https://github.com/vim/vim/commit/d3a117814d6acbf0dca3eff1a7626843b9b3734a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba",
"name" : "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba",
"name" : "https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213183",
"name" : "https://support.apple.com/kb/HT213183",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213183",
"name" : "https://support.apple.com/kb/HT213183",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213256",
"name" : "https://support.apple.com/kb/HT213256",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213256",
"name" : "https://support.apple.com/kb/HT213256",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213343",
"name" : "https://support.apple.com/kb/HT213343",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213343",
"name" : "https://support.apple.com/kb/HT213343",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "vim is vulnerable to Out-of-bounds Read"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4009",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.15.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:10.15.7:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "11.0",
"versionEndExcluding" : "11.6.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:10.15.7:security_update_2022-004:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-06T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0129",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://service.mcafee.com/?articleId=TS103243",
"name" : "https://service.mcafee.com/?articleId=TS103243",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://service.mcafee.com/?articleId=TS103243",
"name" : "https://service.mcafee.com/?articleId=TS103243",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Uncontrolled search path element vulnerability in McAfee TechCheck prior to 4.0.0.2 allows a local administrator to load their own Dynamic Link Library (DLL) gaining elevation of privileges to system user. This was achieved through placing the malicious DLL in the same directory that the process was run from."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:techcheck:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-11T17:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0130",
"ASSIGNER" : "vulnreport@tenable.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.tenable.com/security/tns-2022-01",
"name" : "https://www.tenable.com/security/tns-2022-01",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-01",
"name" : "https://www.tenable.com/security/tns-2022-01",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerability which could allow a remote, unauthenticated attacker to execute code under special circumstances. An attacker would first have to stage a specific file type in the web server root of the Tenable.sc host prior to remote exploitation."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.14.0",
"versionEndIncluding" : "5.19.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-14T20:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0131",
"ASSIGNER" : "vultures@jpcert.or.jp"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-798"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://jvn.jp/en/jp/JVN49047921/index.html",
"name" : "https://jvn.jp/en/jp/JVN49047921/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://jvn.jp/en/jp/JVN49047921/index.html",
"name" : "https://jvn.jp/en/jp/JVN49047921/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Jimoty App for Android versions prior to 3.7.42 uses a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jmty:jimoty:*:*:*:*:*:android:*:*",
"versionEndExcluding" : "3.7.42",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.3,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T10:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0132",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/7b54a81cccf6b4c12269e9d6897d608b1a99537a",
"name" : "https://github.com/chocobozzz/peertube/commit/7b54a81cccf6b4c12269e9d6897d608b1a99537a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/7b54a81cccf6b4c12269e9d6897d608b1a99537a",
"name" : "https://github.com/chocobozzz/peertube/commit/7b54a81cccf6b4c12269e9d6897d608b1a99537a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/77ec5308-5561-4664-af21-d780df2d1e4b",
"name" : "https://huntr.dev/bounties/77ec5308-5561-4664-af21-d780df2d1e4b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/77ec5308-5561-4664-af21-d780df2d1e4b",
"name" : "https://huntr.dev/bounties/77ec5308-5561-4664-af21-d780df2d1e4b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "peertube is vulnerable to Server-Side Request Forgery (SSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-10T14:12Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0133",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/795212f7acc690c88c86d0fab8772f6564d59cb8",
"name" : "https://github.com/chocobozzz/peertube/commit/795212f7acc690c88c86d0fab8772f6564d59cb8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/795212f7acc690c88c86d0fab8772f6564d59cb8",
"name" : "https://github.com/chocobozzz/peertube/commit/795212f7acc690c88c86d0fab8772f6564d59cb8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/80aabdc1-89fe-47b8-87ca-9d68107fc0b4",
"name" : "https://huntr.dev/bounties/80aabdc1-89fe-47b8-87ca-9d68107fc0b4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/80aabdc1-89fe-47b8-87ca-9d68107fc0b4",
"name" : "https://huntr.dev/bounties/80aabdc1-89fe-47b8-87ca-9d68107fc0b4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "peertube is vulnerable to Improper Access Control"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2022-01-06",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-10T14:12Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0134",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/fa09ea9b-d5a0-4773-a692-9ff0200bcd85",
"name" : "https://wpscan.com/vulnerability/fa09ea9b-d5a0-4773-a692-9ff0200bcd85",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fa09ea9b-d5a0-4773-a692-9ff0200bcd85",
"name" : "https://wpscan.com/vulnerability/fa09ea9b-d5a0-4773-a692-9ff0200bcd85",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bologer:anycomment:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "0.2.18",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0135",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037790",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037790",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037790",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037790",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html",
"name" : "[debian-lts-announce] 20221207 [SECURITY] [DLA 3232-1] virglrenderer security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/12/msg00017.html",
"name" : "[debian-lts-announce] 20221207 [SECURITY] [DLA 3232-1] virglrenderer security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-05",
"name" : "GLSA-202210-05",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-05",
"name" : "GLSA-202210-05",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:virglrenderer_project:virglrenderer:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "0.8.1",
"versionEndExcluding" : "0.10.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-08-25T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0136",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0136.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0136.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0136.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0136.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/28561",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/28561",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/28561",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/28561",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/560658",
"name" : "https://hackerone.com/reports/560658",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/560658",
"name" : "https://hackerone.com/reports/560658",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was discovered in GitLab versions 10.5 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1. GitLab was vulnerable to a blind SSRF attack through the Project Import feature."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndIncluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.5.0",
"versionEndIncluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.7.0",
"versionEndIncluding" : "14.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0137",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b",
"name" : "https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b",
"name" : "https://github.com/michaelrsweet/htmldoc/commit/71fe87878c9cbc3db429f5e5c70f28e4b3d96e3b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/michaelrsweet/htmldoc/issues/461",
"name" : "https://github.com/michaelrsweet/htmldoc/issues/461",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/michaelrsweet/htmldoc/issues/461",
"name" : "https://github.com/michaelrsweet/htmldoc/issues/461",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:htmldoc_project:htmldoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.9.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-11-14T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0138",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-502"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 has a deserialization function that does not validate or check the data, allowing arbitrary classes to be created."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:airspan:mimosa_management_platform:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.0.3",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:airspan:c6x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.8.6.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:airspan:c6x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:airspan:c5x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.8.6.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:airspan:c5x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:airspan:c5c_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.8.6.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:airspan:c5c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:airspan:a5x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.5.4.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:airspan:a5x:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0139",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"name" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"name" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0",
"name" : "https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0",
"name" : "https://huntr.dev/bounties/3dcb6f40-45cd-403b-929f-db123fde32c0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-08T19:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0140",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-306"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336",
"name" : "https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336",
"name" : "https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.fortiguard.com/zeroday/FG-VD-21-082",
"name" : "https://www.fortiguard.com/zeroday/FG-VD-21-082",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.fortiguard.com/zeroday/FG-VD-21-082",
"name" : "https://www.fortiguard.com/zeroday/FG-VD-21-082",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Visual Form Builder WordPress plugin before 3.0.6 does not perform access control on entry form export, allowing unauthenticated users to see the form entries or export it as a CSV File using the vfb-export endpoint."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-12T12:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0141",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/2adc8390-bb19-4adf-9805-e9c462d14d22",
"name" : "https://wpscan.com/vulnerability/2adc8390-bb19-4adf-9805-e9c462d14d22",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2adc8390-bb19-4adf-9805-e9c462d14d22",
"name" : "https://wpscan.com/vulnerability/2adc8390-bb19-4adf-9805-e9c462d14d22",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.fortiguard.com/zeroday/FG-VD-21-081",
"name" : "https://www.fortiguard.com/zeroday/FG-VD-21-081",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.fortiguard.com/zeroday/FG-VD-21-081",
"name" : "https://www.fortiguard.com/zeroday/FG-VD-21-081",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-12T12:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0142",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878",
"name" : "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878",
"name" : "https://wpscan.com/vulnerability/03210390-2054-40c0-9508-39d168087878",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.fortiguard.com/zeroday/FG-VD-21-080",
"name" : "https://www.fortiguard.com/zeroday/FG-VD-21-080",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.fortiguard.com/zeroday/FG-VD-21-080",
"name" : "https://www.fortiguard.com/zeroday/FG-VD-21-080",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Visual Form Builder WordPress plugin before 3.0.8 is vulnerable to CSV injection allowing a user with low level or no privileges to inject a command that will be included in the exported CSV file, leading to possible code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-12T12:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0143",
"ASSIGNER" : "psirt@forgerock.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://backstage.forgerock.com/downloads/browse/idm/featured/connectors",
"name" : "https://backstage.forgerock.com/downloads/browse/idm/featured/connectors",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://backstage.forgerock.com/downloads/browse/idm/featured/connectors",
"name" : "https://backstage.forgerock.com/downloads/browse/idm/featured/connectors",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://backstage.forgerock.com/knowledge/kb/article/a11380515",
"name" : "https://backstage.forgerock.com/knowledge/kb/article/a11380515",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://backstage.forgerock.com/knowledge/kb/article/a11380515",
"name" : "https://backstage.forgerock.com/knowledge/kb/article/a11380515",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "When the LDAP connector is started with StartTLS configured, unauthenticated access is granted. This issue affects: all versions of the LDAP connector prior to 1.5.20.9. The LDAP connector is bundled with Identity Management (IDM) and Remote Connector Server (RCS)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:forgerock:ldap_connector:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.5.20.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-09-19T22:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0144",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c",
"name" : "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c",
"name" : "https://github.com/shelljs/shelljs/commit/d919d22dd6de385edaa9d90313075a77f74b338c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c",
"name" : "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c",
"name" : "https://huntr.dev/bounties/50996581-c08e-4eed-a90e-c0bac082679c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "shelljs is vulnerable to Improper Privilege Management"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:shelljs_project:shelljs:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "0.8.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 3.6
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-11T07:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0145",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e",
"name" : "https://github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e",
"name" : "https://github.com/forkcms/forkcms/commit/981730f1a3d59b423ca903b1f4bf79b848a1766e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba",
"name" : "https://huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba",
"name" : "https://huntr.dev/bounties/b5b8c680-3cd9-4477-bcd9-3a29657ba7ba",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.11.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-24T11:15Z",
"lastModifiedDate" : "2024-11-21T06:37Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0147",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2681371",
"name" : "https://plugins.trac.wordpress.org/changeset/2681371",
"refsource" : "",
"tags" : [ "Patch", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2681371",
"name" : "https://plugins.trac.wordpress.org/changeset/2681371",
"refsource" : "",
"tags" : [ "Patch", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2c735365-69c0-4652-b48e-c4a192dfe0d1",
"name" : "https://wpscan.com/vulnerability/2c735365-69c0-4652-b48e-c4a192dfe0d1",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2c735365-69c0-4652-b48e-c4a192dfe0d1",
"name" : "https://wpscan.com/vulnerability/2c735365-69c0-4652-b48e-c4a192dfe0d1",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Cookie Information | Free GDPR Consent Solution WordPress plugin before 2.0.8 does not escape user data before outputting it back in attributes in the admin dashboard, leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cookieinformation:wp-gdpr-compliance:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.0.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0148",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2654453/mystickyelements",
"name" : "https://plugins.trac.wordpress.org/changeset/2654453/mystickyelements",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2654453/mystickyelements",
"name" : "https://plugins.trac.wordpress.org/changeset/2654453/mystickyelements",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/37665ee1-c57f-4445-9596-df4f7d72c8cd",
"name" : "https://wpscan.com/vulnerability/37665ee1-c57f-4445-9596-df4f7d72c8cd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/37665ee1-c57f-4445-9596-df4f7d72c8cd",
"name" : "https://wpscan.com/vulnerability/37665ee1-c57f-4445-9596-df4f7d72c8cd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs WordPress plugin before 2.0.4 was vulnerable to reflected XSS on the my-sticky-elements-leads admin page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:premio:mystickyelements:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-07T16:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0149",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2654545/woocommerce-exporter",
"name" : "https://plugins.trac.wordpress.org/changeset/2654545/woocommerce-exporter",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2654545/woocommerce-exporter",
"name" : "https://plugins.trac.wordpress.org/changeset/2654545/woocommerce-exporter",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e47c288a-2ea3-4926-93cc-113867cbc77c",
"name" : "https://wpscan.com/vulnerability/e47c288a-2ea3-4926-93cc-113867cbc77c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e47c288a-2ea3-4926-93cc-113867cbc77c",
"name" : "https://wpscan.com/vulnerability/e47c288a-2ea3-4926-93cc-113867cbc77c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a Reflected Cross-Site Scripting (XSS) vulnerability in the woo_ce admin page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:visser:store_exporter_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-07T16:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0150",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2661008",
"name" : "https://plugins.trac.wordpress.org/changeset/2661008",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2661008",
"name" : "https://plugins.trac.wordpress.org/changeset/2661008",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5",
"name" : "https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5",
"name" : "https://wpscan.com/vulnerability/7142a538-7c3d-4dd0-bd2c-cbd2efaf53c5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Accessibility Helper (WAH) WordPress plugin before 0.6.0.7 does not sanitise and escape the wahi parameter before outputting back its base64 decode value in the page, leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp_accessibility_helper_project:wp_accessibility_helper:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "0.6.0.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0151",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0151.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0151.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0151.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0151.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348176",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348176",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348176",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348176",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 12.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not correctly handling requests to delete existing packages which could result in a Denial of Service under specific conditions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "12.10",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "12.10",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0152",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0152.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0152.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0152.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0152.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347467",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347467",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347467",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347467",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 13.10 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to unauthorized access to some particular fields through the GraphQL API."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "13.10",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "13.10",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0153",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608",
"name" : "https://github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608",
"name" : "https://github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb",
"name" : "https://huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb",
"name" : "https://huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.11.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-24T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0154",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0154.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0154.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0154.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0154.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29580",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29580",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29580",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29580",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/605576",
"name" : "https://hackerone.com/reports/605576",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://hackerone.com/reports/605576",
"name" : "https://hackerone.com/reports/605576",
"refsource" : "",
"tags" : [ "Permissions Required" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 7.7 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was vulnerable to a Cross-Site Request Forgery attack that allows a malicious user to have their GitHub project imported on another GitLab user account."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "7.7",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "7.7",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.1,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0155",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22",
"name" : "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22",
"name" : "https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406",
"name" : "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406",
"name" : "https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:follow-redirects_project:follow-redirects:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.14.7",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-10T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0156",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Jul/13",
"name" : "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Jul/13",
"name" : "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Mar/29",
"name" : "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Mar/29",
"name" : "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f",
"name" : "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f",
"name" : "https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36",
"name" : "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36",
"name" : "https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/",
"name" : "FEDORA-2022-48b86d586f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/",
"name" : "FEDORA-2022-48b86d586f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/",
"name" : "FEDORA-2022-20e66c6698",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/",
"name" : "FEDORA-2022-20e66c6698",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213183",
"name" : "https://support.apple.com/kb/HT213183",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213183",
"name" : "https://support.apple.com/kb/HT213183",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213344",
"name" : "https://support.apple.com/kb/HT213344",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213344",
"name" : "https://support.apple.com/kb/HT213344",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "vim is vulnerable to Use After Free"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4040",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "11.0",
"versionEndExcluding" : "11.6.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-10T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0157",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/56fd0a3b69fb33c1c90a6017ed735889aaa59486",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/56fd0a3b69fb33c1c90a6017ed735889aaa59486",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/56fd0a3b69fb33c1c90a6017ed735889aaa59486",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/56fd0a3b69fb33c1c90a6017ed735889aaa59486",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2c0fe81b-0977-4e1e-b5d8-7646c9a7ebbd",
"name" : "https://huntr.dev/bounties/2c0fe81b-0977-4e1e-b5d8-7646c9a7ebbd",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2c0fe81b-0977-4e1e-b5d8-7646c9a7ebbd",
"name" : "https://huntr.dev/bounties/2c0fe81b-0977-4e1e-b5d8-7646c9a7ebbd",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "phoronix-test-suite is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:phoronix-media:phoronix_test_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.8.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-10T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0158",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Jul/13",
"name" : "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Jul/13",
"name" : "20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Mar/29",
"name" : "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Mar/29",
"name" : "20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39",
"name" : "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39",
"name" : "https://github.com/vim/vim/commit/5f25c3855071bd7e26255c68bf458b1b5cf92f39",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b",
"name" : "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b",
"name" : "https://huntr.dev/bounties/ac5d7005-07c6-4a0a-b251-ba9cdbf6738b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/",
"name" : "FEDORA-2022-48b86d586f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3FH2J57GDA2WMBS6J56F6QQRA6BXQQFZ/",
"name" : "FEDORA-2022-48b86d586f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/",
"name" : "FEDORA-2022-20e66c6698",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HD5S2FC2HF22A7XQXK2XXIR46EARVWIM/",
"name" : "FEDORA-2022-20e66c6698",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213183",
"name" : "https://support.apple.com/kb/HT213183",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213183",
"name" : "https://support.apple.com/kb/HT213183",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213344",
"name" : "https://support.apple.com/kb/HT213344",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213344",
"name" : "https://support.apple.com/kb/HT213344",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "vim is vulnerable to Heap-based Buffer Overflow"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4049",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "11.0",
"versionEndExcluding" : "11.6.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.3,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-10T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0159",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/orchardcms/orchardcore/commit/4da927d39a49138527c30db09c962ff706f95202",
"name" : "https://github.com/orchardcms/orchardcore/commit/4da927d39a49138527c30db09c962ff706f95202",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/orchardcms/orchardcore/commit/4da927d39a49138527c30db09c962ff706f95202",
"name" : "https://github.com/orchardcms/orchardcore/commit/4da927d39a49138527c30db09c962ff706f95202",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/00937280-e2ab-49fe-8d43-8235b3c3db4b",
"name" : "https://huntr.dev/bounties/00937280-e2ab-49fe-8d43-8235b3c3db4b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/00937280-e2ab-49fe-8d43-8235b3c3db4b",
"name" : "https://huntr.dev/bounties/00937280-e2ab-49fe-8d43-8235b3c3db4b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "orchardcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:orchardcore:orchardcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-12T03:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0161",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2680993",
"name" : "https://plugins.trac.wordpress.org/changeset/2680993",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2680993",
"name" : "https://plugins.trac.wordpress.org/changeset/2680993",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6b37fa17-0dcb-47a7-b1eb-f9f6abb458c0",
"name" : "https://wpscan.com/vulnerability/6b37fa17-0dcb-47a7-b1eb-f9f6abb458c0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6b37fa17-0dcb-47a7-b1eb-f9f6abb458c0",
"name" : "https://wpscan.com/vulnerability/6b37fa17-0dcb-47a7-b1eb-f9f6abb458c0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The ARI Fancy Lightbox WordPress plugin before 1.3.9 does not sanitise and escape the msg parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ari-soft:ari_fancy_lightbox:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0162",
"ASSIGNER" : "vdisclose@cert-in.org.in"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-319"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068",
"name" : "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068",
"name" : "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:tp-link:tl-wr841n_firmware:3.16.9:build160325_rel.62500n:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:tp-link:tl-wr841n:11:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-09T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0163",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/2b6b0731-4515-498a-82bd-d416f5885268",
"name" : "https://wpscan.com/vulnerability/2b6b0731-4515-498a-82bd-d416f5885268",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2b6b0731-4515-498a-82bd-d416f5885268",
"name" : "https://wpscan.com/vulnerability/2b6b0731-4515-498a-82bd-d416f5885268",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Smart Forms WordPress plugin before 2.6.71 does not have authorisation in its rednao_smart_forms_entries_list AJAX action, allowing any authenticated users, such as subscriber, to download arbitrary form's data, which could include sensitive information such as PII depending on the form."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:rednao:smart_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.6.71",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0164",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2655973",
"name" : "https://plugins.trac.wordpress.org/changeset/2655973",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2655973",
"name" : "https://plugins.trac.wordpress.org/changeset/2655973",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://wpscan.com/vulnerability/942535f9-73bf-4467-872a-20075f03bc51",
"name" : "https://wpscan.com/vulnerability/942535f9-73bf-4467-872a-20075f03bc51",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/942535f9-73bf-4467-872a-20075f03bc51",
"name" : "https://wpscan.com/vulnerability/942535f9-73bf-4467-872a-20075f03bc51",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Coming soon and Maintenance mode WordPress plugin before 3.5.3 does not have authorisation and CSRF checks in its coming_soon_send_mail AJAX action, allowing any authenticated users, with a role as low as subscriber to send arbitrary emails to all subscribed users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdevart:coming_soon_and_maintenance_mode:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.5.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0165",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb",
"name" : "https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb",
"name" : "https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Page Builder KingComposer WordPress plugin through 2.9.6 does not validate the id parameter before redirecting the user to it via the kc_get_thumbn AJAX action available to both unauthenticated and authenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:king-theme:kingcomposer:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.9.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0166",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-427"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10378",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10378",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10378",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10378",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.kb.cert.org/vuls/id/287178",
"name" : "VU#287178",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.kb.cert.org/vuls/id/287178",
"name" : "VU#287178",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR variable as a subdirectory within the installation directory. A low privilege user could have created subdirectories and executed arbitrary code with SYSTEM privileges by creating the appropriate pathway to the specifically created malicious openssl.cnf file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:agent:*:*:*:*:*:windows:*:*",
"versionEndExcluding" : "5.7.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-19T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0167",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0167.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0167.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0167.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0167.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/339146",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/339146",
"refsource" : "",
"tags" : [ "Exploit", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/339146",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/339146",
"refsource" : "",
"tags" : [ "Exploit", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not disabling the Autocomplete attribute of fields related to sensitive information making it possible to be retrieved under certain conditions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.0.0",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.0.0",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-07-01T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0168",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0168",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0168",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0168",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0168",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037386",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037386",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037386",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2037386",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d6f5e358452479fa8a773b5c6ccc9e4ec5a20880",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A denial of service (DOS) issue was found in the Linux kernel’s smb2_ioctl_query_info function in the fs/cifs/smb2ops.c Common Internet File System (CIFS) due to an incorrect return from the memdup_user function. This flaw allows a local, privileged (CAP_SYS_ADMIN) attacker to crash the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.18",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 4.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0169",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9",
"name" : "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9",
"refsource" : "",
"tags" : [ "Patch", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9",
"name" : "https://plugins.trac.wordpress.org/changeset/2672822/photo-gallery#file9",
"refsource" : "",
"tags" : [ "Patch", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c",
"name" : "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c",
"name" : "https://wpscan.com/vulnerability/0b4d870f-eab8-4544-91f8-9c5f0538709c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Photo Gallery by 10Web WordPress plugin before 1.6.0 does not validate and escape the bwg_tag_id_bwg_thumbnails_0 parameter before using it in a SQL statement via the bwg_frontend_data AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0170",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/84c8d9866890f479faf0168c29be5eb7816ccc8e",
"name" : "https://github.com/chocobozzz/peertube/commit/84c8d9866890f479faf0168c29be5eb7816ccc8e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/84c8d9866890f479faf0168c29be5eb7816ccc8e",
"name" : "https://github.com/chocobozzz/peertube/commit/84c8d9866890f479faf0168c29be5eb7816ccc8e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f2a003fc-b911-43b6-81ec-f856cdfeaefc",
"name" : "https://huntr.dev/bounties/f2a003fc-b911-43b6-81ec-f856cdfeaefc",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f2a003fc-b911-43b6-81ec-f856cdfeaefc",
"name" : "https://huntr.dev/bounties/f2a003fc-b911-43b6-81ec-f856cdfeaefc",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "peertube is vulnerable to Improper Access Control"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "4.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-11T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0171",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-212"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0171",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0171",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0171",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0171",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2038940",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2038940",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2038940",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2038940",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=683412ccf61294d727ead4a73d97397396e69a6b",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html",
"name" : "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html",
"name" : "[debian-lts-announce] 20221101 [SECURITY] [DLA 3173-1] linux-5.10 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5257",
"name" : "DSA-5257",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5257",
"name" : "DSA-5257",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.18",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0172",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0172.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0172.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0172.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0172.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348411",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348411",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348411",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348411",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5.0",
"versionEndExcluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "13.2",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "13.2",
"versionEndExcluding" : "14.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0173",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"name" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"name" : "https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/727d8600-88bc-4dde-8dea-ee3d192600e5",
"name" : "https://huntr.dev/bounties/727d8600-88bc-4dde-8dea-ee3d192600e5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/727d8600-88bc-4dde-8dea-ee3d192600e5",
"name" : "https://huntr.dev/bounties/727d8600-88bc-4dde-8dea-ee3d192600e5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/",
"name" : "FEDORA-2022-3fc85cd09c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/",
"name" : "FEDORA-2022-3fc85cd09c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/",
"name" : "FEDORA-2022-ba3248e596",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/",
"name" : "FEDORA-2022-ba3248e596",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "radare2 is vulnerable to Out-of-bounds Read"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-11T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0174",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dolibarr/dolibarr/commit/d892160f4f130385a3ce520f66cb8cf2eb8c5c32",
"name" : "https://github.com/dolibarr/dolibarr/commit/d892160f4f130385a3ce520f66cb8cf2eb8c5c32",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://github.com/dolibarr/dolibarr/commit/d892160f4f130385a3ce520f66cb8cf2eb8c5c32",
"name" : "https://github.com/dolibarr/dolibarr/commit/d892160f4f130385a3ce520f66cb8cf2eb8c5c32",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://huntr.dev/bounties/ed3ed4ce-3968-433c-a350-351c8f8b60db",
"name" : "https://huntr.dev/bounties/ed3ed4ce-3968-433c-a350-351c8f8b60db",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ed3ed4ce-3968-433c-a350-351c8f8b60db",
"name" : "https://huntr.dev/bounties/ed3ed4ce-3968-433c-a350-351c8f8b60db",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Validation of Specified Quantity in Input vulnerability in dolibarr dolibarr/dolibarr."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-10T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0175",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0175",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0175",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0175",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0175",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039003",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039003",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039003",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039003",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c",
"name" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c",
"name" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/commit/b05bb61f454eeb8a85164c8a31510aeb9d79129c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654",
"name" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654",
"name" : "https://gitlab.freedesktop.org/virgl/virglrenderer/-/merge_requests/654",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-05",
"name" : "GLSA-202210-05",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-05",
"name" : "GLSA-202210-05",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security-tracker.debian.org/tracker/CVE-2022-0175",
"name" : "https://security-tracker.debian.org/tracker/CVE-2022-0175",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security-tracker.debian.org/tracker/CVE-2022-0175",
"name" : "https://security-tracker.debian.org/tracker/CVE-2022-0175",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the VirGL virtual OpenGL renderer (virglrenderer). The virgl did not properly initialize memory when allocating a host-backed memory resource. A malicious guest could use this flaw to mmap from the guest kernel and read this uninitialized memory from the host, possibly leading to information disclosure."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:virglrenderer_project:virglrenderer:0.9.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:virglrenderer_project:virglrenderer:0.9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0176",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2655379",
"name" : "https://plugins.trac.wordpress.org/changeset/2655379",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2655379",
"name" : "https://plugins.trac.wordpress.org/changeset/2655379",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/564a66d5-7fab-4de0-868a-e19466a507af",
"name" : "https://wpscan.com/vulnerability/564a66d5-7fab-4de0-868a-e19466a507af",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/564a66d5-7fab-4de0-868a-e19466a507af",
"name" : "https://wpscan.com/vulnerability/564a66d5-7fab-4de0-868a-e19466a507af",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The PowerPack Lite for Beaver Builder WordPress plugin before 1.2.9.3 does not sanitise and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ideabox:powerpack_for_beaver_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.9.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2025-04-15T15:21Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0177",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-01-24T21:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0178",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/snipe/snipe-it/commit/0e5ef53c352754de2778ffa20c85da15fd6f7ae0",
"name" : "https://github.com/snipe/snipe-it/commit/0e5ef53c352754de2778ffa20c85da15fd6f7ae0",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/snipe/snipe-it/commit/0e5ef53c352754de2778ffa20c85da15fd6f7ae0",
"name" : "https://github.com/snipe/snipe-it/commit/0e5ef53c352754de2778ffa20c85da15fd6f7ae0",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/81c6b974-d0b3-410b-a902-8324a55b1368",
"name" : "https://huntr.dev/bounties/81c6b974-d0b3-410b-a902-8324a55b1368",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/81c6b974-d0b3-410b-a902-8324a55b1368",
"name" : "https://huntr.dev/bounties/81c6b974-d0b3-410b-a902-8324a55b1368",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization vulnerability in snipe snipe/snipe-it.This issue affects snipe/snipe-i before 5.3.8.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.3.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-13T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0179",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/snipe/snipe-it/commit/cf14a0222c67472086cd08b2155f045edaf75f2e",
"name" : "https://github.com/snipe/snipe-it/commit/cf14a0222c67472086cd08b2155f045edaf75f2e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/snipe/snipe-it/commit/cf14a0222c67472086cd08b2155f045edaf75f2e",
"name" : "https://github.com/snipe/snipe-it/commit/cf14a0222c67472086cd08b2155f045edaf75f2e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7",
"name" : "https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7",
"name" : "https://huntr.dev/bounties/efdf2ead-f9d1-4767-9f02-d11f762d15e7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "snipe-it is vulnerable to Missing Authorization"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-12T05:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0180",
"ASSIGNER" : "vultures@jpcert.or.jp"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"name" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"name" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://quizandsurveymaster.com/",
"name" : "https://quizandsurveymaster.com/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://quizandsurveymaster.com/",
"name" : "https://quizandsurveymaster.com/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://wordpress.org/plugins/quiz-master-next/",
"name" : "https://wordpress.org/plugins/quiz-master-next/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://wordpress.org/plugins/quiz-master-next/",
"name" : "https://wordpress.org/plugins/quiz-master-next/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site request forgery (CSRF) vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "7.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-17T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0181",
"ASSIGNER" : "vultures@jpcert.or.jp"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"name" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"name" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://quizandsurveymaster.com/",
"name" : "https://quizandsurveymaster.com/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://quizandsurveymaster.com/",
"name" : "https://quizandsurveymaster.com/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://wordpress.org/plugins/quiz-master-next/",
"name" : "https://wordpress.org/plugins/quiz-master-next/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://wordpress.org/plugins/quiz-master-next/",
"name" : "https://wordpress.org/plugins/quiz-master-next/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Reflected cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to inject an arbitrary script via unspecified vectors."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "7.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-17T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0182",
"ASSIGNER" : "vultures@jpcert.or.jp"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"name" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"name" : "https://jvn.jp/en/jp/JVN72788165/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://quizandsurveymaster.com/",
"name" : "https://quizandsurveymaster.com/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://quizandsurveymaster.com/",
"name" : "https://quizandsurveymaster.com/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://wordpress.org/plugins/quiz-master-next/",
"name" : "https://wordpress.org/plugins/quiz-master-next/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://wordpress.org/plugins/quiz-master-next/",
"name" : "https://wordpress.org/plugins/quiz-master-next/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote authenticated attacker to inject an arbitrary script via an website that uses Quiz And Survey Master."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "7.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-17T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0183",
"ASSIGNER" : "vultures@jpcert.or.jp"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-311"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://jvn.jp/en/jp/JVN19826500/index.html",
"name" : "https://jvn.jp/en/jp/JVN19826500/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://jvn.jp/en/jp/JVN19826500/index.html",
"name" : "https://jvn.jp/en/jp/JVN19826500/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.kingjim.co.jp/download/security/#mirupass",
"name" : "https://www.kingjim.co.jp/download/security/#mirupass",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.kingjim.co.jp/download/security/#mirupass",
"name" : "https://www.kingjim.co.jp/download/security/#mirupass",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing encryption of sensitive data vulnerability in 'MIRUPASS' PW10 firmware all versions and 'MIRUPASS' PW20 firmware all versions allows an attacker who can physically access the device to obtain the stored passwords."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:kingjim:mirupass_pw10_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:kingjim:mirupass_pw10:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:kingjim:mirupass_pw20_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:kingjim:mirupass_pw20:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "PHYSICAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.6,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0184",
"ASSIGNER" : "vultures@jpcert.or.jp"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-522"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://jvn.jp/en/jp/JVN81479705/index.html",
"name" : "https://jvn.jp/en/jp/JVN81479705/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://jvn.jp/en/jp/JVN81479705/index.html",
"name" : "https://jvn.jp/en/jp/JVN81479705/index.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.kingjim.co.jp/download/security/#sr01",
"name" : "https://www.kingjim.co.jp/download/security/#sr01",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.kingjim.co.jp/download/security/#sr01",
"name" : "https://www.kingjim.co.jp/download/security/#sr01",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insufficiently protected credentials vulnerability in 'TEPRA' PRO SR5900P Ver.1.080 and earlier and 'TEPRA' PRO SR-R7900P Ver.1.030 and earlier allows an attacker on the adjacent network to obtain credentials for connecting to the Wi-Fi access point with the infrastructure mode."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:kingjim:tepura_pro_sr5900p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.080",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:kingjim:tepura_pro_sr5900p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:kingjim:tepura_pro_sr-7900p_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.030",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:kingjim:tepura_pro_sr-7900p:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:kingjim:spc10_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.0.1.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:kingjim:spc10:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kingjim:sma3:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.20",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "ADJACENT_NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.3
},
"severity" : "LOW",
"exploitabilityScore" : 6.5,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0185",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-191"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"refsource" : "",
"tags" : [ "Mailing List", "Patch" ]
}, {
"url" : "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"name" : "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220225-0003/",
"name" : "https://security.netapp.com/advisory/ntap-20220225-0003/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"name" : "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"name" : "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=722d94847de2",
"refsource" : "",
"tags" : [ "Mailing List", "Patch" ]
}, {
"url" : "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"name" : "https://www.willsroot.io/2022/01/cve-2022-0185.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"name" : "https://www.openwall.com/lists/oss-security/2022/01/18/7",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220225-0003/",
"name" : "https://security.netapp.com/advisory/ntap-20220225-0003/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"name" : "https://github.com/Crusaders-of-Rust/CVE-2022-0185",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.1",
"versionEndExcluding" : "5.4.173",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.5",
"versionEndExcluding" : "5.10.93",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.15.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.4,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.5,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-11T18:15Z",
"lastModifiedDate" : "2025-04-03T16:08Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0186",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3a9c44c0-866e-4fdf-b53d-666db2e11720",
"name" : "https://wpscan.com/vulnerability/3a9c44c0-866e-4fdf-b53d-666db2e11720",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3a9c44c0-866e-4fdf-b53d-666db2e11720",
"name" : "https://wpscan.com/vulnerability/3a9c44c0-866e-4fdf-b53d-666db2e11720",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Image Photo Gallery Final Tiles Grid WordPress plugin before 3.5.3 does not sanitise and escape the Description field when editing a gallery, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks against other users having access to the gallery dashboard"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:machothemes:image_photo_gallery_final_tiles_grid:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.5.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0188",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-306"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance",
"name" : "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance",
"name" : "https://plugins.trac.wordpress.org/changeset/2657597/cmp-coming-soon-maintenance",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332",
"name" : "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332",
"name" : "https://wpscan.com/vulnerability/50b6f770-6f53-41ef-b2f3-2a58e9afd332",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The CMP WordPress plugin before 4.0.19 allows any user, even not logged in, to arbitrarily change the coming soon page layout."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:niteothemes:cmp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.0.19",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0189",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2659298",
"name" : "https://plugins.trac.wordpress.org/changeset/2659298",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2659298",
"name" : "https://plugins.trac.wordpress.org/changeset/2659298",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/52a71bf1-b8bc-479e-b741-eb8fb9685014",
"name" : "https://wpscan.com/vulnerability/52a71bf1-b8bc-479e-b741-eb8fb9685014",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/52a71bf1-b8bc-479e-b741-eb8fb9685014",
"name" : "https://wpscan.com/vulnerability/52a71bf1-b8bc-479e-b741-eb8fb9685014",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP RSS Aggregator WordPress plugin before 4.20 does not sanitise and escape the id parameter in the wprss_fetch_items_row_action AJAX action before outputting it back in the response, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wprssaggregator:wp_rss_aggregator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.20",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0190",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/ae322f11-d8b4-4b69-9efa-0fb87475fa44",
"name" : "https://wpscan.com/vulnerability/ae322f11-d8b4-4b69-9efa-0fb87475fa44",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ae322f11-d8b4-4b69-9efa-0fb87475fa44",
"name" : "https://wpscan.com/vulnerability/ae322f11-d8b4-4b69-9efa-0fb87475fa44",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.6 is affected by a SQL Injection in the id parameter of the delete action."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:acnam:ad_invalid_click_protector:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0191",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2705068",
"name" : "https://plugins.trac.wordpress.org/changeset/2705068",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2705068",
"name" : "https://plugins.trac.wordpress.org/changeset/2705068",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d4c32a02-810f-43d8-946a-b7e18ac54f55",
"name" : "https://wpscan.com/vulnerability/d4c32a02-810f-43d8-946a-b7e18ac54f55",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d4c32a02-810f-43d8-946a-b7e18ac54f55",
"name" : "https://wpscan.com/vulnerability/d4c32a02-810f-43d8-946a-b7e18ac54f55",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ad Invalid Click Protector (AICP) WordPress plugin before 1.2.7 does not have CSRF check deleting banned users, which could allow attackers to make a logged in admin remove arbitrary bans"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:acnam:ad_invalid_click_protector:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0192",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-427"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://iknow.lenovo.com.cn/detail/dc_201470.html",
"name" : "https://iknow.lenovo.com.cn/detail/dc_201470.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://iknow.lenovo.com.cn/detail/dc_201470.html",
"name" : "https://iknow.lenovo.com.cn/detail/dc_201470.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A DLL search path vulnerability was reported in Lenovo PCManager prior to version 4.0.40.2175 that could allow privilege escalation."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:pcmanager:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.0.40.2175",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-22T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0193",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2654225",
"name" : "https://plugins.trac.wordpress.org/changeset/2654225",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2654225",
"name" : "https://plugins.trac.wordpress.org/changeset/2654225",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/30d1d328-9f19-4c4c-b90a-04937d617864",
"name" : "https://wpscan.com/vulnerability/30d1d328-9f19-4c4c-b90a-04937d617864",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/30d1d328-9f19-4c4c-b90a-04937d617864",
"name" : "https://wpscan.com/vulnerability/30d1d328-9f19-4c4c-b90a-04937d617864",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Complianz WordPress plugin before 6.0.0 does not escape the s parameter before outputting it back in an attribute in an admin page, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:really-simple-plugins:complianz:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0194",
"ASSIGNER" : "zdi-disclosures@trendmicro.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html",
"name" : "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/05/msg00018.html",
"name" : "[debian-lts-announce] 20230516 [SECURITY] [DLA 3426-1] netatalk security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html",
"name" : "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html",
"refsource" : "",
"tags" : [ "Release Notes" ]
}, {
"url" : "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html",
"name" : "https://netatalk.sourceforge.io/3.1/ReleaseNotes3.1.13.html",
"refsource" : "",
"tags" : [ "Release Notes" ]
}, {
"url" : "https://security.gentoo.org/glsa/202311-02",
"name" : "GLSA-202311-02",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202311-02",
"name" : "GLSA-202311-02",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5503",
"name" : "DSA-5503",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5503",
"name" : "DSA-5503",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-530/",
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-22-530/",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-530/",
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-22-530/",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ad_addcomment function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15876."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netatalk:netatalk:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.13",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0196",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3675eec7-bbce-4dfd-a2d3-d6862dce9ea6",
"name" : "https://huntr.dev/bounties/3675eec7-bbce-4dfd-a2d3-d6862dce9ea6",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3675eec7-bbce-4dfd-a2d3-d6862dce9ea6",
"name" : "https://huntr.dev/bounties/3675eec7-bbce-4dfd-a2d3-d6862dce9ea6",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:phoronix-media:phoronix_test_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.8.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-13T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0197",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/4f18296a1862fe54a4c58701a1f5ec6bd62a4d94",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5abb7915-32f4-4fb1-afa7-bb6d8c4c5ad2",
"name" : "https://huntr.dev/bounties/5abb7915-32f4-4fb1-afa7-bb6d8c4c5ad2",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5abb7915-32f4-4fb1-afa7-bb6d8c4c5ad2",
"name" : "https://huntr.dev/bounties/5abb7915-32f4-4fb1-afa7-bb6d8c4c5ad2",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:phoronix-media:phoronix_test_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.8.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-13T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0198",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/stanfordnlp/corenlp/commit/1f52136321cfca68b991bd7870563d06cf96624d",
"name" : "https://github.com/stanfordnlp/corenlp/commit/1f52136321cfca68b991bd7870563d06cf96624d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/stanfordnlp/corenlp/commit/1f52136321cfca68b991bd7870563d06cf96624d",
"name" : "https://github.com/stanfordnlp/corenlp/commit/1f52136321cfca68b991bd7870563d06cf96624d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3d7e70fe-dddd-4b79-af62-8e058c4d5763",
"name" : "https://huntr.dev/bounties/3d7e70fe-dddd-4b79-af62-8e058c4d5763",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3d7e70fe-dddd-4b79-af62-8e058c4d5763",
"name" : "https://huntr.dev/bounties/3d7e70fe-dddd-4b79-af62-8e058c4d5763",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "corenlp is vulnerable to Improper Restriction of XML External Entity Reference"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:stanford:corenlp:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "4.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-13T07:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0199",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2659455",
"name" : "https://plugins.trac.wordpress.org/changeset/2659455",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2659455",
"name" : "https://plugins.trac.wordpress.org/changeset/2659455",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1ab1748f-c939-4953-83fc-9df878da7714",
"name" : "https://wpscan.com/vulnerability/1ab1748f-c939-4953-83fc-9df878da7714",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1ab1748f-c939-4953-83fc-9df878da7714",
"name" : "https://wpscan.com/vulnerability/1ab1748f-c939-4953-83fc-9df878da7714",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have CSRF check in its coming_soon_send_mail AJAX action, allowing attackers to make logged in admin to send arbitrary emails to all subscribed users via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdevart:coming_soon_and_maintenance_mode:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.6.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0200",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/bbc0b812-7b30-4ab4-bac8-27c706b3f146",
"name" : "https://wpscan.com/vulnerability/bbc0b812-7b30-4ab4-bac8-27c706b3f146",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/bbc0b812-7b30-4ab4-bac8-27c706b3f146",
"name" : "https://wpscan.com/vulnerability/bbc0b812-7b30-4ab4-bac8-27c706b3f146",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Themify Portfolio Post WordPress plugin before 1.1.7 does not sanitise and escape the num_of_pages parameter before outputting it back the response of the themify_create_popup_page_pagination AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:themify:portfolio_post:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.1.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0201",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2656512",
"name" : "https://plugins.trac.wordpress.org/changeset/2656512",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2656512",
"name" : "https://plugins.trac.wordpress.org/changeset/2656512",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f274b0d8-74bf-43de-9051-29ce36d78ad4",
"name" : "https://wpscan.com/vulnerability/f274b0d8-74bf-43de-9051-29ce36d78ad4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f274b0d8-74bf-43de-9051-29ce36d78ad4",
"name" : "https://wpscan.com/vulnerability/f274b0d8-74bf-43de-9051-29ce36d78ad4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:permalink_manager_lite_project:permalink_manager_lite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.2.15",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:permalink_manager_project:permalink_manager:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding" : "2.2.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0203",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/dd324c8bb6b17009f82afe8bc830caec7241e992",
"name" : "https://github.com/crater-invoice/crater/commit/dd324c8bb6b17009f82afe8bc830caec7241e992",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/dd324c8bb6b17009f82afe8bc830caec7241e992",
"name" : "https://github.com/crater-invoice/crater/commit/dd324c8bb6b17009f82afe8bc830caec7241e992",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/395fc553-2b90-4e69-ba07-a316e1c06406",
"name" : "https://huntr.dev/bounties/395fc553-2b90-4e69-ba07-a316e1c06406",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/395fc553-2b90-4e69-ba07-a316e1c06406",
"name" : "https://huntr.dev/bounties/395fc553-2b90-4e69-ba07-a316e1c06406",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control in GitHub repository crater-invoice/crater prior to 6.0.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-26T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0204",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039807",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039807",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039807",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039807",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0",
"name" : "https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0",
"name" : "https://github.com/bluez/bluez/commit/591c546c536b42bef696d027f64aa22434f8c3f0",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q",
"name" : "https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q",
"name" : "https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html",
"name" : "[debian-lts-announce] 20221024 [SECURITY] [DLA 3157-1] bluez security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/10/msg00026.html",
"name" : "[debian-lts-announce] 20221024 [SECURITY] [DLA 3157-1] bluez security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202209-16",
"name" : "GLSA-202209-16",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202209-16",
"name" : "GLSA-202209-16",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bluez:bluez:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.63",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "ADJACENT_NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.5,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0205",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/446de364-720e-41ec-b80e-7678c8f4ad80",
"name" : "https://wpscan.com/vulnerability/446de364-720e-41ec-b80e-7678c8f4ad80",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/446de364-720e-41ec-b80e-7678c8f4ad80",
"name" : "https://wpscan.com/vulnerability/446de364-720e-41ec-b80e-7678c8f4ad80",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The YOP Poll WordPress plugin before 6.3.5 does not sanitise and escape some of the settings (available to users with a role as low as author) before outputting them, leading to a Stored Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:yop-poll:yop-poll:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.3.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0206",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9",
"name" : "https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9",
"name" : "https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The NewStatPress WordPress plugin before 1.3.6 does not properly escape the whatX parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting issues"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0207",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0207",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0207",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0207",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0207",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2033697",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2033697",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2033697",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2033697",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039248",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039248",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039248",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039248",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gerrit.ovirt.org/c/vdsm/+/118025",
"name" : "https://gerrit.ovirt.org/c/vdsm/+/118025",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://gerrit.ovirt.org/c/vdsm/+/118025",
"name" : "https://gerrit.ovirt.org/c/vdsm/+/118025",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8",
"name" : "https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8",
"name" : "https://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=53b0036fc72d3b8877d4e7f047d705e5a4c722e8",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A race condition was found in vdsm. Functionality to obfuscate sensitive values in log files that may lead to values being stored in clear text."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ovirt:vdsm:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.30.1",
"versionEndExcluding" : "4.50.0.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_for_ibm_power_little_endian:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.0,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0208",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc",
"name" : "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc",
"name" : "https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The MapPress Maps for WordPress plugin before 2.73.4 does not sanitise and escape the mapid parameter before outputting it back in the \"Bad mapid\" error message, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.73.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0209",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/1e4af9be-5c88-4a3e-89ff-dd2b1bc131fe",
"name" : "https://wpscan.com/vulnerability/1e4af9be-5c88-4a3e-89ff-dd2b1bc131fe",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://wpscan.com/vulnerability/1e4af9be-5c88-4a3e-89ff-dd2b1bc131fe",
"name" : "https://wpscan.com/vulnerability/1e4af9be-5c88-4a3e-89ff-dd2b1bc131fe",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Mitsol Social Post Feed WordPress plugin before 1.11 does not escape some of its settings before outputting them back in attributes, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:facebook-wall-and-social-integration_project:facebook-wall-and-social-integration:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-13T14:15Z",
"lastModifiedDate" : "2025-01-31T19:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0210",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/BigTiger2020/2022/blob/main/Random%20Banner%20Xss.md",
"name" : "https://github.com/BigTiger2020/2022/blob/main/Random%20Banner%20Xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/BigTiger2020/2022/blob/main/Random%20Banner%20Xss.md",
"name" : "https://github.com/BigTiger2020/2022/blob/main/Random%20Banner%20Xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/random-banner/tags/4.1.4/include/models/model.php#L132",
"name" : "https://plugins.trac.wordpress.org/browser/random-banner/tags/4.1.4/include/models/model.php#L132",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/random-banner/tags/4.1.4/include/models/model.php#L132",
"name" : "https://plugins.trac.wordpress.org/browser/random-banner/tags/4.1.4/include/models/model.php#L132",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0210",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0210",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0210",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0210",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Random Banner WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the category parameter found in the ~/include/models/model.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.4. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:buffercode:random_banner:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "4.1.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0211",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0d276cca-d6eb-4f4c-83dd-fbc03254c679",
"name" : "https://wpscan.com/vulnerability/0d276cca-d6eb-4f4c-83dd-fbc03254c679",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d276cca-d6eb-4f4c-83dd-fbc03254c679",
"name" : "https://wpscan.com/vulnerability/0d276cca-d6eb-4f4c-83dd-fbc03254c679",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Shield Security WordPress plugin before 13.0.6 does not sanitise and escape admin notes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:getshieldsecurity:shield_security:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "13.0.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0212",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/15be2d2b-baa3-4845-82cf-3c351c695b47",
"name" : "https://wpscan.com/vulnerability/15be2d2b-baa3-4845-82cf-3c351c695b47",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/15be2d2b-baa3-4845-82cf-3c351c695b47",
"name" : "https://wpscan.com/vulnerability/15be2d2b-baa3-4845-82cf-3c351c695b47",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SpiderCalendar WordPress plugin through 1.5.65 does not sanitise and escape the callback parameter before outputting it back in the page via the window AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:10web:spidercalendar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.5.65",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0213",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/01/15/1",
"name" : "[oss-security] 20220114 Re: 3 new CVE's in vim",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26",
"name" : "https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26",
"name" : "https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed",
"name" : "https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed",
"name" : "https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "vim is vulnerable to Heap-based Buffer Overflow"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "HIGH",
"baseScore" : 6.6,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 4.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-14T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0214",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-1284"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4",
"name" : "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4",
"name" : "https://wpscan.com/vulnerability/ca2e8feb-15d6-4965-ad9c-8da1bc01e0f4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:custom_popup_builder_project:custom_popup_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0215",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/tags/2.2/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"name" : "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/tags/2.2/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/tags/2.2/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"name" : "https://plugins.trac.wordpress.org/browser/easy-login-woocommerce/tags/2.2/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/side-cart-woocommerce/tags/2.1/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=2538194#L128",
"name" : "https://plugins.trac.wordpress.org/browser/side-cart-woocommerce/tags/2.1/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=2538194#L128",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/side-cart-woocommerce/tags/2.1/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=2538194#L128",
"name" : "https://plugins.trac.wordpress.org/browser/side-cart-woocommerce/tags/2.1/includes/xoo-framework/admin/class-xoo-admin-settings.php?rev=2538194#L128",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/waitlist-woocommerce/tags/2.5.1/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"name" : "https://plugins.trac.wordpress.org/browser/waitlist-woocommerce/tags/2.5.1/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/waitlist-woocommerce/tags/2.5.1/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"name" : "https://plugins.trac.wordpress.org/browser/waitlist-woocommerce/tags/2.5.1/includes/xoo-framework/admin/class-xoo-admin-settings.php#L122",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wordfence.com/vulnerability-advisories/#CVE-2022-0215",
"name" : "https://wordfence.com/vulnerability-advisories/#CVE-2022-0215",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wordfence.com/vulnerability-advisories/#CVE-2022-0215",
"name" : "https://wordfence.com/vulnerability-advisories/#CVE-2022-0215",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/01/84000-wordpress-sites-affected-by-three-plugins-with-the-same-vulnerability/",
"name" : "https://www.wordfence.com/blog/2022/01/84000-wordpress-sites-affected-by-three-plugins-with-the-same-vulnerability/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/01/84000-wordpress-sites-affected-by-three-plugins-with-the-same-vulnerability/",
"name" : "https://www.wordfence.com/blog/2022/01/84000-wordpress-sites-affected-by-three-plugins-with-the-same-vulnerability/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Login/Signup Popup, Waitlist Woocommerce ( Back in stock notifier ), and Side Cart Woocommerce (Ajax) WordPress plugins by XootiX are vulnerable to Cross-Site Request Forgery via the save_settings function found in the ~/includes/xoo-framework/admin/class-xoo-admin-settings.php file which makes it possible for attackers to update arbitrary options on a site that can be used to create an administrative user account and grant full privileged access to a compromised site. This affects versions <= 2.2 in Login/Signup Popup, versions <= 2.5.1 in Waitlist Woocommerce ( Back in stock notifier ), and versions <= 2.0 in Side Cart Woocommerce (Ajax)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:xootix:waitlist_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.5.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:xootix:side_cart_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:xootix:login\\/signup_popup:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0216",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0216",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0216",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0216",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0216",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2036953",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2036953",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2036953",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2036953",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc4",
"name" : "https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc4",
"name" : "https://gitlab.com/qemu-project/qemu/-/commit/4367a20cc4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/qemu-project/qemu/-/issues/972",
"name" : "https://gitlab.com/qemu-project/qemu/-/issues/972",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/qemu-project/qemu/-/issues/972",
"name" : "https://gitlab.com/qemu-project/qemu/-/issues/972",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTY7TVHX62OJWF6IOBCIGLR2N5K4QN3E/",
"name" : "FEDORA-2022-4387579e67",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZTY7TVHX62OJWF6IOBCIGLR2N5K4QN3E/",
"name" : "FEDORA-2022-4387579e67",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://starlabs.sg/advisories/22/22-0216/",
"name" : "https://starlabs.sg/advisories/22/22-0216/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://starlabs.sg/advisories/22/22-0216/",
"name" : "https://starlabs.sg/advisories/22/22-0216/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A use-after-free vulnerability was found in the LSI53C895A SCSI Host Bus Adapter emulation of QEMU. The flaw occurs while processing repeated messages to cancel the current SCSI request via the lsi_do_msgout function. This flaw allows a malicious privileged user within the guest to crash the QEMU process on the host, resulting in a denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 4.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0217",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-611"
}, {
"lang" : "en",
"value" : "CWE-776"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040639",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040639",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040639",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040639",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://prosody.im/security/advisory_20220113/",
"name" : "https://prosody.im/security/advisory_20220113/",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://prosody.im/security/advisory_20220113/",
"name" : "https://prosody.im/security/advisory_20220113/",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://prosody.im/security/advisory_20220113/1.patch",
"name" : "https://prosody.im/security/advisory_20220113/1.patch",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://prosody.im/security/advisory_20220113/1.patch",
"name" : "https://prosody.im/security/advisory_20220113/1.patch",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "It was discovered that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs (CWE-776). In addition, depending on the libexpat version used, it may also allow injections using XML External Entity References (CWE-611)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:prosody:prosody:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.11.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0218",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php",
"name" : "https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php",
"name" : "https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/01/unauthenticated-xss-vulnerability-patched-in-html-email-template-designer-plugin/",
"name" : "https://www.wordfence.com/blog/2022/01/unauthenticated-xss-vulnerability-patched-in-html-email-template-designer-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/01/unauthenticated-xss-vulnerability-patched-in-html-email-template-designer-plugin/",
"name" : "https://www.wordfence.com/blog/2022/01/unauthenticated-xss-vulnerability-patched-in-html-email-template-designer-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP HTML Mail WordPress plugin is vulnerable to unauthorized access which allows unauthenticated attackers to retrieve and modify theme settings due to a missing capability check on the /themesettings REST-API endpoint found in the ~/includes/class-template-designer.php file, in versions up to and including 3.0.9. This makes it possible for attackers with no privileges to execute the endpoint and add malicious JavaScript to a vulnerable WordPress site."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:codemiq:wordpress_email_template_designer:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.0.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0219",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/skylot/jadx/commit/d22db30166e7cb369d72be41382bb63ac8b81c52",
"name" : "https://github.com/skylot/jadx/commit/d22db30166e7cb369d72be41382bb63ac8b81c52",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/skylot/jadx/commit/d22db30166e7cb369d72be41382bb63ac8b81c52",
"name" : "https://github.com/skylot/jadx/commit/d22db30166e7cb369d72be41382bb63ac8b81c52",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0d093863-29e8-4dd7-a885-64f76d50bf5e",
"name" : "https://huntr.dev/bounties/0d093863-29e8-4dd7-a885-64f76d50bf5e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0d093863-29e8-4dd7-a885-64f76d50bf5e",
"name" : "https://huntr.dev/bounties/0d093863-29e8-4dd7-a885-64f76d50bf5e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jadx_project:jadx:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-20T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0220",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059",
"name" : "https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059",
"name" : "https://wpscan.com/vulnerability/a91a01b9-7e36-4280-bc50-f6cff3e66059",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The check_privacy_settings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an \"application/json\" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web browser led to this endpoint. Javascript code may be executed on a victim's browser. Due to v1.9.26 adding a CSRF check, the XSS is only exploitable against unauthenticated users (as they all share the same nonce)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:welaunch:wordpress_gdpr\\&ccpa:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.9.26",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-01T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0221",
"ASSIGNER" : "cpcert@se.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-611"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.se.com/ww/en/download/document/SEVD-2022-087-01/",
"name" : "https://www.se.com/ww/en/download/document/SEVD-2022-087-01/",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://www.se.com/ww/en/download/document/SEVD-2022-087-01/",
"name" : "https://www.se.com/ww/en/download/document/SEVD-2022-087-01/",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A CWE-611: Improper Restriction of XML External Entity Reference vulnerability exists that could result in information disclosure when opening a malicious solution file provided by an attacker with SCADAPack Workbench. This could be exploited to pass data from local files to a remote system controlled by an attacker. Affected Product: SCADAPack Workbench (6.6.8a and prior)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:schneider-electric:scadapack_workbench:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "6.6.8a",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-13T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0222",
"ASSIGNER" : "cpcert@se.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.se.com/us/en/download/document/SEVD-2022-102-02/",
"name" : "https://www.se.com/us/en/download/document/SEVD-2022-102-02/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.se.com/us/en/download/document/SEVD-2022-102-02/",
"name" : "https://www.se.com/us/en/download/document/SEVD-2022-102-02/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.50",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:modicon_m340_bmxnor0200h:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-11-22T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0223",
"ASSIGNER" : "cpcert@se.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-05_EcoStruxure_Power_Commission_Security_Notification.pdf",
"name" : "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-05_EcoStruxure_Power_Commission_Security_Notification.pdf",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-05_EcoStruxure_Power_Commission_Security_Notification.pdf",
"name" : "https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-165-05_EcoStruxure_Power_Commission_Security_Notification.pdf",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could allow an attacker to create or overwrite critical files that are used to execute code, such as programs or libraries and cause unauthenticated code execution. Affected Products: EcoStruxure Power Commission (Versions prior to V2.22)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:schneider-electric:ecostruxure_power_commission:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.22",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-01-30T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0224",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79",
"name" : "https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79",
"name" : "https://github.com/dolibarr/dolibarr/commit/b9b45fb50618aa8053961f50bc8604b188d0ea79",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486",
"name" : "https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486",
"name" : "https://huntr.dev/bounties/f1d1ce3e-ca92-4c7b-b1b8-934e28eaa486",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "dolibarr is vulnerable to Improper Neutralization of Special Elements used in an SQL Command"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-14T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0225",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040268",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040268",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040268",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040268",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m",
"name" : "https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m",
"name" : "https://github.com/keycloak/keycloak/security/advisories/GHSA-755v-r4x4-qf7m",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Keycloak. This flaw allows a privileged attacker to use the malicious payload as the group name while creating a new group from the admin console, leading to a stored Cross-site scripting (XSS) attack."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-08-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0226",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/f59ffb02984c0ce2fbb19ac39365066507de9370",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/f59ffb02984c0ce2fbb19ac39365066507de9370",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/f59ffb02984c0ce2fbb19ac39365066507de9370",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/f59ffb02984c0ce2fbb19ac39365066507de9370",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/635d0abf-7680-47f6-a277-d9a91471c73f",
"name" : "https://huntr.dev/bounties/635d0abf-7680-47f6-a277-d9a91471c73f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/635d0abf-7680-47f6-a277-d9a91471c73f",
"name" : "https://huntr.dev/bounties/635d0abf-7680-47f6-a277-d9a91471c73f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-14T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0227",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0228",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2659117",
"name" : "https://plugins.trac.wordpress.org/changeset/2659117",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2659117",
"name" : "https://plugins.trac.wordpress.org/changeset/2659117",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/22facac2-52f4-4e5f-be59-1d2934b260d9",
"name" : "https://wpscan.com/vulnerability/22facac2-52f4-4e5f-be59-1d2934b260d9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/22facac2-52f4-4e5f-be59-1d2934b260d9",
"name" : "https://wpscan.com/vulnerability/22facac2-52f4-4e5f-be59-1d2934b260d9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Popup Builder WordPress plugin before 4.0.7 does not validate and properly escape the orderby and order parameters before using them in a SQL statement in the admin dashboard, which could allow high privilege users to perform SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.0.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0229",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d70c5335-4c01-448d-85fc-f8e75b104351",
"name" : "https://wpscan.com/vulnerability/d70c5335-4c01-448d-85fc-f8e75b104351",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d70c5335-4c01-448d-85fc-f8e75b104351",
"name" : "https://wpscan.com/vulnerability/d70c5335-4c01-448d-85fc-f8e75b104351",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The miniOrange's Google Authenticator WordPress plugin before 5.5 does not have proper authorisation and CSRF checks when handling the reconfigureMethod, and does not validate the parameters passed to it properly. As a result, unauthenticated users could delete arbitrary options from the blog, making it unusable."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:miniorange:google_authenticator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0230",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c73316d2-ae6a-42db-935b-b8b03a7e4363",
"name" : "https://wpscan.com/vulnerability/c73316d2-ae6a-42db-935b-b8b03a7e4363",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c73316d2-ae6a-42db-935b-b8b03a7e4363",
"name" : "https://wpscan.com/vulnerability/c73316d2-ae6a-42db-935b-b8b03a7e4363",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Better WordPress Google XML Sitemaps WordPress plugin through 1.4.1 does not sanitise and escape its logs when outputting them in the admin dashboard, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bwp-google-xml-sitemaps_project:bwp-google-xml-sitemaps:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.4.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0231",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/6ad1349dc5e7503b00c5017499a0a895d7654a61",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/6ad1349dc5e7503b00c5017499a0a895d7654a61",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/6ad1349dc5e7503b00c5017499a0a895d7654a61",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/6ad1349dc5e7503b00c5017499a0a895d7654a61",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/adaf98cf-60ab-40e0-aa3b-42ba0d3b7cbf",
"name" : "https://huntr.dev/bounties/adaf98cf-60ab-40e0-aa3b-42ba0d3b7cbf",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/adaf98cf-60ab-40e0-aa3b-42ba0d3b7cbf",
"name" : "https://huntr.dev/bounties/adaf98cf-60ab-40e0-aa3b-42ba0d3b7cbf",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.91",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0232",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/BigTiger2020/2022/blob/main/User%20Registration%20Xss.md",
"name" : "https://github.com/BigTiger2020/2022/blob/main/User%20Registration%20Xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/BigTiger2020/2022/blob/main/User%20Registration%20Xss.md",
"name" : "https://github.com/BigTiger2020/2022/blob/main/User%20Registration%20Xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/custom-landing-pages-leadmagic/tags/1.2.6/includes/templates/landing-page.php#L35",
"name" : "https://plugins.trac.wordpress.org/browser/custom-landing-pages-leadmagic/tags/1.2.6/includes/templates/landing-page.php#L35",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/custom-landing-pages-leadmagic/tags/1.2.6/includes/templates/landing-page.php#L35",
"name" : "https://plugins.trac.wordpress.org/browser/custom-landing-pages-leadmagic/tags/1.2.6/includes/templates/landing-page.php#L35",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0232",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0232",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0232",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0232",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The User Registration, Login & Landing Pages WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the loader_text parameter found in the ~/includes/templates/landing-page.php file which allows attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 1.2.7. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:metagauss:leadmagic:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0233",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/BigTiger2020/2022/blob/main/ProfileGrid%20Xss.md",
"name" : "https://github.com/BigTiger2020/2022/blob/main/ProfileGrid%20Xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/BigTiger2020/2022/blob/main/ProfileGrid%20Xss.md",
"name" : "https://github.com/BigTiger2020/2022/blob/main/ProfileGrid%20Xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/4.7.4/admin/class-profile-magic-admin.php#L961",
"name" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/4.7.4/admin/class-profile-magic-admin.php#L961",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/4.7.4/admin/class-profile-magic-admin.php#L961",
"name" : "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/4.7.4/admin/class-profile-magic-admin.php#L961",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0233",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0233",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0233",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0233",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The ProfileGrid – User Profiles, Memberships, Groups and Communities WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the pm_user_avatar and pm_cover_image parameters found in the ~/admin/class-profile-magic-admin.php file which allows attackers with authenticated user access, such as subscribers, to inject arbitrary web scripts into their profile, in versions up to and including 1.2.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:metagauss:profilegrid:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "4.7.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0234",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2659191",
"name" : "https://plugins.trac.wordpress.org/changeset/2659191",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2659191",
"name" : "https://plugins.trac.wordpress.org/changeset/2659191",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b",
"name" : "https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b",
"name" : "https://wpscan.com/vulnerability/fd568a1f-bd51-41bb-960d-f8573b84527b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WOOCS WordPress plugin before 1.3.7.5 does not sanitise and escape the woocs_in_order_currency parameter of the woocs_get_products_price_html AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pluginus:woocs:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.7.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0235",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10",
"name" : "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10",
"name" : "https://github.com/node-fetch/node-fetch/commit/36e47e8a6406185921e4985dcbeff140d73eaa10",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7",
"name" : "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7",
"name" : "https://huntr.dev/bounties/d26ab655-38d6-48b3-be15-f9ad6b6ae6f7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html",
"name" : "[debian-lts-announce] 20221205 [SECURITY] [DLA 3222-1] node-fetch security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/12/msg00007.html",
"name" : "[debian-lts-announce] 20221205 [SECURITY] [DLA 3222-1] node-fetch security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:node-fetch_project:node-fetch:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "2.6.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:node-fetch_project:node-fetch:*:*:*:*:*:node.js:*:*",
"versionStartIncluding" : "3.0.0",
"versionEndExcluding" : "3.1.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-16T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0236",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/qurbat/CVE-2022-0236",
"name" : "https://github.com/qurbat/CVE-2022-0236",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/qurbat/CVE-2022-0236",
"name" : "https://github.com/qurbat/CVE-2022-0236",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php",
"name" : "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php",
"name" : "https://plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0236",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vjinfotech:wp_import_export_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.9.15",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vjinfotech:wp_import_export:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.9.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0237",
"ASSIGNER" : "cve@rapid7.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-428"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://docs.rapid7.com/release-notes/insightagent/20220225/",
"name" : "https://docs.rapid7.com/release-notes/insightagent/20220225/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://docs.rapid7.com/release-notes/insightagent/20220225/",
"name" : "https://docs.rapid7.com/release-notes/insightagent/20220225/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://gist.github.com/n2dez/05d43c616f2b403e84ee55d4d7aab251",
"name" : "https://gist.github.com/n2dez/05d43c616f2b403e84ee55d4d7aab251",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gist.github.com/n2dez/05d43c616f2b403e84ee55d4d7aab251",
"name" : "https://gist.github.com/n2dez/05d43c616f2b403e84ee55d4d7aab251",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. This issue was fixed in Rapid7 Insight Agent version 3.1.3.80."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:rapid7:insight_agent:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.1.2.38",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-17T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0238",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/5755b3bf979cd04caa6feee07e403a5be5ac320e",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/5755b3bf979cd04caa6feee07e403a5be5ac320e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/5755b3bf979cd04caa6feee07e403a5be5ac320e",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/5755b3bf979cd04caa6feee07e403a5be5ac320e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/63f24b24-4af2-47b8-baea-7ad5f4db3633",
"name" : "https://huntr.dev/bounties/63f24b24-4af2-47b8-baea-7ad5f4db3633",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/63f24b24-4af2-47b8-baea-7ad5f4db3633",
"name" : "https://huntr.dev/bounties/63f24b24-4af2-47b8-baea-7ad5f4db3633",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57V2CSFU5MKWKL6RJUKMXSD4PCRFTMMQ/",
"name" : "FEDORA-2022-8f968eea82",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BU7E6OOZCXS3ZWHOQ2AR7MKM56IN2R6R/",
"name" : "FEDORA-2022-43f11039b2",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "phoronix-test-suite is vulnerable to Cross-Site Request Forgery (CSRF)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:phoronix-media:phoronix_test_suite:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.8.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-16T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0239",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd",
"name" : "https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd",
"name" : "https://github.com/stanfordnlp/corenlp/commit/1940ffb938dc4f3f5bc5f2a2fd8b35aabbbae3dd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3",
"name" : "https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3",
"name" : "https://huntr.dev/bounties/a717aec2-5646-4a5f-ade0-dadc25736ae3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "corenlp is vulnerable to Improper Restriction of XML External Entity Reference"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:stanford:corenlp:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "4.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T07:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0240",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca",
"name" : "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca",
"name" : "https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb",
"name" : "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb",
"name" : "https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "mruby is vulnerable to NULL Pointer Dereference"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0242",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/dcb3ddecb9f4cde622cc42c51a2760747797624f",
"name" : "https://github.com/crater-invoice/crater/commit/dcb3ddecb9f4cde622cc42c51a2760747797624f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/dcb3ddecb9f4cde622cc42c51a2760747797624f",
"name" : "https://github.com/crater-invoice/crater/commit/dcb3ddecb9f4cde622cc42c51a2760747797624f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/19f3e5f7-b419-44b1-9c37-7e4404cbec94",
"name" : "https://huntr.dev/bounties/19f3e5f7-b419-44b1-9c37-7e4404cbec94",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/19f3e5f7-b419-44b1-9c37-7e4404cbec94",
"name" : "https://huntr.dev/bounties/19f3e5f7-b419-44b1-9c37-7e4404cbec94",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0243",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"name" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"name" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa538421-ae55-4288-928f-4e96aaed5803",
"name" : "https://huntr.dev/bounties/fa538421-ae55-4288-928f-4e96aaed5803",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa538421-ae55-4288-928f-4e96aaed5803",
"name" : "https://huntr.dev/bounties/fa538421-ae55-4288-928f-4e96aaed5803",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:orchardcore:orchardcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-19T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0244",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-552"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0244.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0244.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0244.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0244.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349524",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349524",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349524",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349524",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1439593",
"name" : "https://hackerone.com/reports/1439593",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1439593",
"name" : "https://hackerone.com/reports/1439593",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. Arbitrary file read was possible by importing a group was due to incorrect handling of file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5",
"versionEndIncluding" : "14.5.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndIncluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndIncluding" : "14.6.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5",
"versionEndIncluding" : "14.5.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0245",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/c2fa19afeb8b1ea927fea3fd452515c95f289fb9",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/c2fa19afeb8b1ea927fea3fd452515c95f289fb9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/c2fa19afeb8b1ea927fea3fd452515c95f289fb9",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/c2fa19afeb8b1ea927fea3fd452515c95f289fb9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6a6aca72-32b7-45b3-a8ba-9b400b2d669c",
"name" : "https://huntr.dev/bounties/6a6aca72-32b7-45b3-a8ba-9b400b2d669c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6a6aca72-32b7-45b3-a8ba-9b400b2d669c",
"name" : "https://huntr.dev/bounties/6a6aca72-32b7-45b3-a8ba-9b400b2d669c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-Site Request Forgery (CSRF) in GitHub repository livehelperchat/livehelperchat prior to 2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:livehelperchat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T06:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0246",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/892802b1-26e2-4ce1-be6f-71ce29687776",
"name" : "https://wpscan.com/vulnerability/892802b1-26e2-4ce1-be6f-71ce29687776",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/892802b1-26e2-4ce1-be6f-71ce29687776",
"name" : "https://wpscan.com/vulnerability/892802b1-26e2-4ce1-be6f-71ce29687776",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to \"Zip Slip\" vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:webence:iq_block_country:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0247",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-732"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://fuchsia.googlesource.com/fuchsia/+/d97c05d2301799ed585620a9c5c739d36e7b5d3d",
"name" : "https://fuchsia.googlesource.com/fuchsia/+/d97c05d2301799ed585620a9c5c739d36e7b5d3d",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://fuchsia.googlesource.com/fuchsia/+/d97c05d2301799ed585620a9c5c739d36e7b5d3d",
"name" : "https://fuchsia.googlesource.com/fuchsia/+/d97c05d2301799ed585620a9c5c739d36e7b5d3d",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue exists in Fuchsia where VMO data can be modified through access to copy-on-write snapshots. A local attacker could modify objects in the VMO that they do not have permission to. We recommend upgrading past commit d97c05d2301799ed585620a9c5c739d36e7b5d3d or any of the listed versions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:google:fuchsia:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2022-01-03",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-25T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0248",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2682024",
"name" : "https://plugins.trac.wordpress.org/changeset/2682024",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2682024",
"name" : "https://plugins.trac.wordpress.org/changeset/2682024",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d02cf542-2d75-46bc-a0df-67bbe501cc89",
"name" : "https://wpscan.com/vulnerability/d02cf542-2d75-46bc-a0df-67bbe501cc89",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d02cf542-2d75-46bc-a0df-67bbe501cc89",
"name" : "https://wpscan.com/vulnerability/d02cf542-2d75-46bc-a0df-67bbe501cc89",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Contact Form Submissions WordPress plugin before 1.7.3 does not sanitise and escape additional fields in contact form requests before outputting them in the related submission. As a result, unauthenticated attacker could perform Cross-Site Scripting attacks against admins viewing the malicious submission"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:contact_form_submissions_project:contact_form_submissions:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.7.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0249",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0249.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0249.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0249.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0249.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29395",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29395",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29395",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/29395",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://hackerone.com/reports/579934",
"name" : "https://hackerone.com/reports/579934",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/579934",
"name" : "https://hackerone.com/reports/579934",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was discovered in GitLab starting with version 12. GitLab was vulnerable to a blind SSRF attack since requests to shared address space were not blocked."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndIncluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndIncluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndIncluding" : "14.5.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0250",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/05700942-3143-4978-89eb-814ceff74867",
"name" : "https://wpscan.com/vulnerability/05700942-3143-4978-89eb-814ceff74867",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/05700942-3143-4978-89eb-814ceff74867",
"name" : "https://wpscan.com/vulnerability/05700942-3143-4978-89eb-814ceff74867",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Redirection for Contact Form 7 WordPress plugin before 2.5.0 does not escape a link generated before outputting it in an attribute, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redirection-for-contact-form7:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-07-04T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0251",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/3ae96b9d41c117aafa45873ad10077d4b873a3cb",
"name" : "https://github.com/pimcore/pimcore/commit/3ae96b9d41c117aafa45873ad10077d4b873a3cb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/3ae96b9d41c117aafa45873ad10077d4b873a3cb",
"name" : "https://github.com/pimcore/pimcore/commit/3ae96b9d41c117aafa45873ad10077d4b873a3cb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/eb4b08f9-cf8b-4335-b3b8-ed44e5fa80a5",
"name" : "https://huntr.dev/bounties/eb4b08f9-cf8b-4335-b3b8-ed44e5fa80a5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/eb4b08f9-cf8b-4335-b3b8-ed44e5fa80a5",
"name" : "https://huntr.dev/bounties/eb4b08f9-cf8b-4335-b3b8-ed44e5fa80a5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.10."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0252",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2659032",
"name" : "https://plugins.trac.wordpress.org/changeset/2659032",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2659032",
"name" : "https://plugins.trac.wordpress.org/changeset/2659032",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b0e551af-087b-43e7-bdb7-11d7f639028a",
"name" : "https://wpscan.com/vulnerability/b0e551af-087b-43e7-bdb7-11d7f639028a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b0e551af-087b-43e7-bdb7-11d7f639028a",
"name" : "https://wpscan.com/vulnerability/b0e551af-087b-43e7-bdb7-11d7f639028a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The GiveWP WordPress plugin before 2.17.3 does not escape the json parameter before outputting it back in an attribute in the Import admin dashboard, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.17.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0253",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/407d0b1a1fa56fa6f824a19092774f10f4880437",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/407d0b1a1fa56fa6f824a19092774f10f4880437",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/407d0b1a1fa56fa6f824a19092774f10f4880437",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/407d0b1a1fa56fa6f824a19092774f10f4880437",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ac7f7eba-ee0b-4a50-bd89-29fd9b3e8303",
"name" : "https://huntr.dev/bounties/ac7f7eba-ee0b-4a50-bd89-29fd9b3e8303",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ac7f7eba-ee0b-4a50-bd89-29fd9b3e8303",
"name" : "https://huntr.dev/bounties/ac7f7eba-ee0b-4a50-bd89-29fd9b3e8303",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "livehelperchat is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:livehelperchat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.91",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-17T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0254",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2660225",
"name" : "https://plugins.trac.wordpress.org/changeset/2660225",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2660225",
"name" : "https://plugins.trac.wordpress.org/changeset/2660225",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2680906",
"name" : "https://plugins.trac.wordpress.org/changeset/2680906",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2680906",
"name" : "https://plugins.trac.wordpress.org/changeset/2680906",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ae54681f-7b89-408c-b0ee-ba4a520db997",
"name" : "https://wpscan.com/vulnerability/ae54681f-7b89-408c-b0ee-ba4a520db997",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ae54681f-7b89-408c-b0ee-ba4a520db997",
"name" : "https://wpscan.com/vulnerability/ae54681f-7b89-408c-b0ee-ba4a520db997",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WordPress Zero Spam WordPress plugin before 5.2.11 does not properly sanitise and escape the order and orderby parameters before using them in a SQL statement in the admin dashboard, leading to a SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:highfivery:zero-spam:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0255",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/684bb06d-864f-4cba-ab0d-f83974d026fa",
"name" : "https://wpscan.com/vulnerability/684bb06d-864f-4cba-ab0d-f83974d026fa",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/684bb06d-864f-4cba-ab0d-f83974d026fa",
"name" : "https://wpscan.com/vulnerability/684bb06d-864f-4cba-ab0d-f83974d026fa",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Database Backup for WordPress plugin before 2.5.1 does not properly sanitise and escape the fragment parameter before using it in a SQL statement in the admin dashboard, leading to a SQL injection issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:deliciousbrains:database_backup:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.5.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0256",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/dff1cb0c466abcd55f1268934de3ed937b7436a7",
"name" : "https://github.com/pimcore/pimcore/commit/dff1cb0c466abcd55f1268934de3ed937b7436a7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/dff1cb0c466abcd55f1268934de3ed937b7436a7",
"name" : "https://github.com/pimcore/pimcore/commit/dff1cb0c466abcd55f1268934de3ed937b7436a7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8d88e48a-7124-4aaf-9f1d-6cfe4f9a79c1",
"name" : "https://huntr.dev/bounties/8d88e48a-7124-4aaf-9f1d-6cfe4f9a79c1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8d88e48a-7124-4aaf-9f1d-6cfe4f9a79c1",
"name" : "https://huntr.dev/bounties/8d88e48a-7124-4aaf-9f1d-6cfe4f9a79c1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-17T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0257",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/dfaf78b26fb77990267c0cc05b9fcb9f8de7b66d",
"name" : "https://github.com/pimcore/pimcore/commit/dfaf78b26fb77990267c0cc05b9fcb9f8de7b66d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/dfaf78b26fb77990267c0cc05b9fcb9f8de7b66d",
"name" : "https://github.com/pimcore/pimcore/commit/dfaf78b26fb77990267c0cc05b9fcb9f8de7b66d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bad2073c-bbd5-4425-b3e9-c336b73ddda6",
"name" : "https://huntr.dev/bounties/bad2073c-bbd5-4425-b3e9-c336b73ddda6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bad2073c-bbd5-4425-b3e9-c336b73ddda6",
"name" : "https://huntr.dev/bounties/bad2073c-bbd5-4425-b3e9-c336b73ddda6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-17T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0258",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/66281c12479dc01a06258d8533eaddfb1770d5bd",
"name" : "https://github.com/pimcore/pimcore/commit/66281c12479dc01a06258d8533eaddfb1770d5bd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/66281c12479dc01a06258d8533eaddfb1770d5bd",
"name" : "https://github.com/pimcore/pimcore/commit/66281c12479dc01a06258d8533eaddfb1770d5bd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0df891e4-6412-4d9a-a9b7-d9df50311802",
"name" : "https://huntr.dev/bounties/0df891e4-6412-4d9a-a9b7-d9df50311802",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0df891e4-6412-4d9a-a9b7-d9df50311802",
"name" : "https://huntr.dev/bounties/0df891e4-6412-4d9a-a9b7-d9df50311802",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-17T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0259",
"ASSIGNER" : "vulnerability@ncsc.ch"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2023-01-04T14:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0260",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/3125d5f0c04cfb5835857ca9416f0bb143130a2f",
"name" : "https://github.com/pimcore/pimcore/commit/3125d5f0c04cfb5835857ca9416f0bb143130a2f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/3125d5f0c04cfb5835857ca9416f0bb143130a2f",
"name" : "https://github.com/pimcore/pimcore/commit/3125d5f0c04cfb5835857ca9416f0bb143130a2f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/89e4ab60-21ec-4396-92ad-5b78d4c2897e",
"name" : "https://huntr.dev/bounties/89e4ab60-21ec-4396-92ad-5b78d4c2897e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/89e4ab60-21ec-4396-92ad-5b78d4c2897e",
"name" : "https://huntr.dev/bounties/89e4ab60-21ec-4396-92ad-5b78d4c2897e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.2.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0261",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc",
"name" : "https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc",
"name" : "https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82",
"name" : "https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82",
"name" : "https://huntr.dev/bounties/fa795954-8775-4f23-98c6-d4d4d3fe8a82",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4120",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.12.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0262",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6f36e841ce55f67e2e95253dd58f80659ef166c7",
"name" : "https://github.com/pimcore/pimcore/commit/6f36e841ce55f67e2e95253dd58f80659ef166c7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6f36e841ce55f67e2e95253dd58f80659ef166c7",
"name" : "https://github.com/pimcore/pimcore/commit/6f36e841ce55f67e2e95253dd58f80659ef166c7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b38a4e14-5dcb-4e49-9990-494dc2a8fa0d",
"name" : "https://huntr.dev/bounties/b38a4e14-5dcb-4e49-9990-494dc2a8fa0d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b38a4e14-5dcb-4e49-9990-494dc2a8fa0d",
"name" : "https://huntr.dev/bounties/b38a4e14-5dcb-4e49-9990-494dc2a8fa0d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-18T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0263",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/35d1853baf64d6a1d90fd8803e52439da53a3911",
"name" : "https://github.com/pimcore/pimcore/commit/35d1853baf64d6a1d90fd8803e52439da53a3911",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/35d1853baf64d6a1d90fd8803e52439da53a3911",
"name" : "https://github.com/pimcore/pimcore/commit/35d1853baf64d6a1d90fd8803e52439da53a3911",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/96506857-06bc-4c84-88b7-4f397715bcf6",
"name" : "https://huntr.dev/bounties/96506857-06bc-4c84-88b7-4f397715bcf6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/96506857-06bc-4c84-88b7-4f397715bcf6",
"name" : "https://huntr.dev/bounties/96506857-06bc-4c84-88b7-4f397715bcf6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-18T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0264",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-755"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2041547",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2041547",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2041547",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2041547",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions < v5.16-rc6"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.16:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.16:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.16:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.16:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0265",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hazelcast/hazelcast/commit/4d6b666cd0291abd618c3b95cdbb51aa4208e748",
"name" : "https://github.com/hazelcast/hazelcast/commit/4d6b666cd0291abd618c3b95cdbb51aa4208e748",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hazelcast/hazelcast/commit/4d6b666cd0291abd618c3b95cdbb51aa4208e748",
"name" : "https://github.com/hazelcast/hazelcast/commit/4d6b666cd0291abd618c3b95cdbb51aa4208e748",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563",
"name" : "https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563",
"name" : "https://huntr.dev/bounties/d63972a2-b910-480a-a86b-d1f75d24d563",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Restriction of XML External Entity Reference in GitHub repository hazelcast/hazelcast in 5.1-BETA-1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hazelcast:hazelcast:5.1:beta1:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-03T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0266",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/cc1122aed0d1ad9f05757eaea2ab9e6a924776bd",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/cc1122aed0d1ad9f05757eaea2ab9e6a924776bd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/cc1122aed0d1ad9f05757eaea2ab9e6a924776bd",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/cc1122aed0d1ad9f05757eaea2ab9e6a924776bd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1ac267be-3af8-4774-89f2-77234d144d6b",
"name" : "https://huntr.dev/bounties/1ac267be-3af8-4774-89f2-77234d144d6b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1ac267be-3af8-4774-89f2-77234d144d6b",
"name" : "https://huntr.dev/bounties/1ac267be-3af8-4774-89f2-77234d144d6b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in Packagist remdex/livehelperchat prior to 3.92v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.92",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.6,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.7,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-19T06:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0267",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7df70f49-547f-4bdb-bf9b-2e06f93488c6",
"name" : "https://wpscan.com/vulnerability/7df70f49-547f-4bdb-bf9b-2e06f93488c6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7df70f49-547f-4bdb-bf9b-2e06f93488c6",
"name" : "https://wpscan.com/vulnerability/7df70f49-547f-4bdb-bf9b-2e06f93488c6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The AdRotate WordPress plugin before 5.8.22 does not sanitise and escape the adrotate_action before using it in a SQL statement via the adrotate_request_action function available to admins, leading to a SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:adrotate_project:adrotate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.8.22",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0268",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/getgrav/grav/commit/6f2fa9311afb9ecd34030dec2aff7b39e9e7e735",
"name" : "https://github.com/getgrav/grav/commit/6f2fa9311afb9ecd34030dec2aff7b39e9e7e735",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/getgrav/grav/commit/6f2fa9311afb9ecd34030dec2aff7b39e9e7e735",
"name" : "https://github.com/getgrav/grav/commit/6f2fa9311afb9ecd34030dec2aff7b39e9e7e735",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/67085545-331e-4469-90f3-a1a46a078d39",
"name" : "https://huntr.dev/bounties/67085545-331e-4469-90f3-a1a46a078d39",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/67085545-331e-4469-90f3-a1a46a078d39",
"name" : "https://huntr.dev/bounties/67085545-331e-4469-90f3-a1a46a078d39",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to 1.7.28."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.7.28",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-25T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0269",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/yetiforcecompany/yetiforcecrm/commit/298c7870e6fe4332d8aa1757a9c8d79f841389ff",
"name" : "https://github.com/yetiforcecompany/yetiforcecrm/commit/298c7870e6fe4332d8aa1757a9c8d79f841389ff",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/yetiforcecompany/yetiforcecrm/commit/298c7870e6fe4332d8aa1757a9c8d79f841389ff",
"name" : "https://github.com/yetiforcecompany/yetiforcecrm/commit/298c7870e6fe4332d8aa1757a9c8d79f841389ff",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a0470915-f6df-45b8-b3a2-01aebe764df0",
"name" : "https://huntr.dev/bounties/a0470915-f6df-45b8-b3a2-01aebe764df0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a0470915-f6df-45b8-b3a2-01aebe764df0",
"name" : "https://huntr.dev/bounties/a0470915-f6df-45b8-b3a2-01aebe764df0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm prior to 6.3.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:yetiforce:yetiforce_customer_relationship_management:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.1,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-24T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0270",
"ASSIGNER" : "psirt@mirantis.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/Mirantis/security/blob/main/advisories/0004.md",
"name" : "https://github.com/Mirantis/security/blob/main/advisories/0004.md",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/Mirantis/security/blob/main/advisories/0004.md",
"name" : "https://github.com/Mirantis/security/blob/main/advisories/0004.md",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes impersonation headers allowing a user to override assigned user name and groups."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mirantis:bored-agent:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-25T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0271",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2",
"name" : "https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2",
"name" : "https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The LearnPress WordPress plugin before 4.1.6 does not sanitise and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.1.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0272",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-611"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/detekt/detekt/commit/c965a8d2a6bbdb9bcfc6acfa7bbffd3da81f5395",
"name" : "https://github.com/detekt/detekt/commit/c965a8d2a6bbdb9bcfc6acfa7bbffd3da81f5395",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/detekt/detekt/commit/c965a8d2a6bbdb9bcfc6acfa7bbffd3da81f5395",
"name" : "https://github.com/detekt/detekt/commit/c965a8d2a6bbdb9bcfc6acfa7bbffd3da81f5395",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/23e37ba7-96d5-4037-a90a-8c8f4a70ce44",
"name" : "https://huntr.dev/bounties/23e37ba7-96d5-4037-a90a-8c8f4a70ce44",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/23e37ba7-96d5-4037-a90a-8c8f4a70ce44",
"name" : "https://huntr.dev/bounties/23e37ba7-96d5-4037-a90a-8c8f4a70ce44",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Restriction of XML External Entity Reference in GitHub repository detekt/detekt prior to 1.20.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:detekt:detekt:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.20.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-21T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0273",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/0c0313f375bed7b035c8c0482bbb09599e16bfcf",
"name" : "https://github.com/janeczku/calibre-web/commit/0c0313f375bed7b035c8c0482bbb09599e16bfcf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/0c0313f375bed7b035c8c0482bbb09599e16bfcf",
"name" : "https://github.com/janeczku/calibre-web/commit/0c0313f375bed7b035c8c0482bbb09599e16bfcf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8f27686f-d698-4ab6-8ef0-899125792f13",
"name" : "https://huntr.dev/bounties/8f27686f-d698-4ab6-8ef0-899125792f13",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8f27686f-d698-4ab6-8ef0-899125792f13",
"name" : "https://huntr.dev/bounties/8f27686f-d698-4ab6-8ef0-899125792f13",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control in Pypi calibreweb prior to 0.6.16."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-30T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0274",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"name" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"name" : "https://github.com/orchardcms/orchardcore/commit/218f25ddfadb66a54de7a82dffe3ab2e4ab7c4b4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a82a714a-9b71-475e-bfc3-43326fcaf764",
"name" : "https://huntr.dev/bounties/a82a714a-9b71-475e-bfc3-43326fcaf764",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a82a714a-9b71-475e-bfc3-43326fcaf764",
"name" : "https://huntr.dev/bounties/a82a714a-9b71-475e-bfc3-43326fcaf764",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.Cms.Targets prior to 1.2.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:orchardcore:orchardcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-19T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0277",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"name" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"name" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0e776f3d-35b1-4a9e-8fe8-91e46c0d6316",
"name" : "https://huntr.dev/bounties/0e776f3d-35b1-4a9e-8fe8-91e46c0d6316",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0e776f3d-35b1-4a9e-8fe8-91e46c0d6316",
"name" : "https://huntr.dev/bounties/0e776f3d-35b1-4a9e-8fe8-91e46c0d6316",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.2.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-20T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0278",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/b64ef574b82dbf89a908e1569d790c7012d1ccd7",
"name" : "https://github.com/microweber/microweber/commit/b64ef574b82dbf89a908e1569d790c7012d1ccd7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/b64ef574b82dbf89a908e1569d790c7012d1ccd7",
"name" : "https://github.com/microweber/microweber/commit/b64ef574b82dbf89a908e1569d790c7012d1ccd7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/64495d0f-d5ec-4542-9693-32372c18d030",
"name" : "https://huntr.dev/bounties/64495d0f-d5ec-4542-9693-32372c18d030",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/64495d0f-d5ec-4542-9693-32372c18d030",
"name" : "https://huntr.dev/bounties/64495d0f-d5ec-4542-9693-32372c18d030",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-20T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0279",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/43a4b2d3-1bd5-490c-982c-bb7120595865",
"name" : "https://wpscan.com/vulnerability/43a4b2d3-1bd5-490c-982c-bb7120595865",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/43a4b2d3-1bd5-490c-982c-bb7120595865",
"name" : "https://wpscan.com/vulnerability/43a4b2d3-1bd5-490c-982c-bb7120595865",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bologer:anycomment:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "0.2.18",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 3.1,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.6,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0280",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-367"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view",
"name" : "https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view",
"name" : "https://service.mcafee.com/?articleId=TS103271&page=shell&shell=article-view",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A race condition vulnerability exists in the QuickClean feature of McAfee Total Protection for Windows prior to 16.0.43 that allows a local user to gain privilege elevation and perform an arbitrary file delete. This could lead to sensitive files being deleted and potentially cause denial of service. This attack exploits the way symlinks are created and how the product works with them."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:a:mcafee:total_protection:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.43",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.0,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 3.3
},
"severity" : "LOW",
"exploitabilityScore" : 3.4,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0281",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"name" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"name" : "https://github.com/microweber/microweber/commit/e680e134a4215c979bfd2eaf58336be34c8fc6e6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505",
"name" : "https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505",
"name" : "https://huntr.dev/bounties/315f5ac6-1b5e-4444-ad8f-802371da3505",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Exposure of Sensitive Information to an Unauthorized Actor in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.2.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-20T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0282",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/51b5a4e3ef01e587797c0109159a8ad9d2bac77a",
"name" : "https://github.com/microweber/microweber/commit/51b5a4e3ef01e587797c0109159a8ad9d2bac77a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/51b5a4e3ef01e587797c0109159a8ad9d2bac77a",
"name" : "https://github.com/microweber/microweber/commit/51b5a4e3ef01e587797c0109159a8ad9d2bac77a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8815b642-bd9b-4737-951b-bde7319faedd",
"name" : "https://huntr.dev/bounties/8815b642-bd9b-4737-951b-bde7319faedd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8815b642-bd9b-4737-951b-bde7319faedd",
"name" : "https://huntr.dev/bounties/8815b642-bd9b-4737-951b-bde7319faedd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting in Packagist microweber/microweber prior to 1.2.11.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.2.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-20T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0283",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0283.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0283.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0283.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0283.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349422",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349422",
"refsource" : "",
"tags" : [ "Broken Link", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349422",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349422",
"refsource" : "",
"tags" : [ "Broken Link", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:14.7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "13.5",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0284",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0284",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0284",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0284",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0284",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045943",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045943",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045943",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045943",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7",
"name" : "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7",
"name" : "https://github.com/ImageMagick/ImageMagick/commit/e50f19fd73c792ebe912df8ab83aa51a243a3da7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ImageMagick/ImageMagick/issues/4729",
"name" : "https://github.com/ImageMagick/ImageMagick/issues/4729",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ImageMagick/ImageMagick/issues/4729",
"name" : "https://github.com/ImageMagick/ImageMagick/issues/4729",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A heap-based-buffer-over-read flaw was found in ImageMagick's GetPixelAlpha() function of 'pixel-accessor.h'. This vulnerability is triggered when an attacker passes a specially crafted Tagged Image File Format (TIFF) image to convert it into a PICON file format. This issue can potentially lead to a denial of service and information disclosure."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "7.1.0-20",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0285",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/b432225952e2a5ab0268f401b85a14480369b835",
"name" : "https://github.com/pimcore/pimcore/commit/b432225952e2a5ab0268f401b85a14480369b835",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/b432225952e2a5ab0268f401b85a14480369b835",
"name" : "https://github.com/pimcore/pimcore/commit/b432225952e2a5ab0268f401b85a14480369b835",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/321918b2-aa01-410e-9f7c-dca5f286bc9c",
"name" : "https://huntr.dev/bounties/321918b2-aa01-410e-9f7c-dca5f286bc9c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/321918b2-aa01-410e-9f7c-dca5f286bc9c",
"name" : "https://huntr.dev/bounties/321918b2-aa01-410e-9f7c-dca5f286bc9c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-20T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0286",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626",
"name" : "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626",
"name" : "https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-31T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0287",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/6cd7cd6d-1cc1-472c-809b-b66389f149b0",
"name" : "https://wpscan.com/vulnerability/6cd7cd6d-1cc1-472c-809b-b66389f149b0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6cd7cd6d-1cc1-472c-809b-b66389f149b0",
"name" : "https://wpscan.com/vulnerability/6cd7cd6d-1cc1-472c-809b-b66389f149b0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The myCred WordPress plugin before 2.4.4.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as subscriber to call and retrieve all email addresses from the blog"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mycred:mycred:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.4.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0288",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42",
"name" : "https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42",
"name" : "https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ad Inserter WordPress plugin before 2.7.10, Ad Inserter Pro WordPress plugin before 2.7.10 do not sanitise and escape the html_element_selection parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ad_inserter_project:ad_inserter:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.7.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ad_inserter_pro_project:ad_inserter_pro:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.7.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0289",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166547/Chrome-safe_browsing-ThreatDetails-OnReceivedThreatDOMDetails-Use-After-Free.html",
"name" : "http://packetstormsecurity.com/files/166547/Chrome-safe_browsing-ThreatDetails-OnReceivedThreatDOMDetails-Use-After-Free.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166547/Chrome-safe_browsing-ThreatDetails-OnReceivedThreatDOMDetails-Use-After-Free.html",
"name" : "http://packetstormsecurity.com/files/166547/Chrome-safe_browsing-ThreatDetails-OnReceivedThreatDOMDetails-Use-After-Free.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1284367",
"name" : "https://crbug.com/1284367",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1284367",
"name" : "https://crbug.com/1284367",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Safe browsing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0290",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166080/Chrome-RenderFrameHostImpl-Use-After-Free.html",
"name" : "http://packetstormsecurity.com/files/166080/Chrome-RenderFrameHostImpl-Use-After-Free.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166080/Chrome-RenderFrameHostImpl-Use-After-Free.html",
"name" : "http://packetstormsecurity.com/files/166080/Chrome-RenderFrameHostImpl-Use-After-Free.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1260134",
"name" : "https://crbug.com/1260134",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1260134",
"name" : "https://crbug.com/1260134",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Site isolation in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0291",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281084",
"name" : "https://crbug.com/1281084",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281084",
"name" : "https://crbug.com/1281084",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Storage in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0292",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270358",
"name" : "https://crbug.com/1270358",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270358",
"name" : "https://crbug.com/1270358",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Fenced Frames in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0293",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283371",
"name" : "https://crbug.com/1283371",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283371",
"name" : "https://crbug.com/1283371",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0294",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273017",
"name" : "https://crbug.com/1273017",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273017",
"name" : "https://crbug.com/1273017",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Push messaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0295",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278180",
"name" : "https://crbug.com/1278180",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278180",
"name" : "https://crbug.com/1278180",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0296",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283375",
"name" : "https://crbug.com/1283375",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283375",
"name" : "https://crbug.com/1283375",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0297",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274316",
"name" : "https://crbug.com/1274316",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274316",
"name" : "https://crbug.com/1274316",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0298",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1212957",
"name" : "https://crbug.com/1212957",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1212957",
"name" : "https://crbug.com/1212957",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0300",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1275438",
"name" : "https://crbug.com/1275438",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1275438",
"name" : "https://crbug.com/1275438",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0301",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1276331",
"name" : "https://crbug.com/1276331",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1276331",
"name" : "https://crbug.com/1276331",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0302",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278613",
"name" : "https://crbug.com/1278613",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278613",
"name" : "https://crbug.com/1278613",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0303",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: Further investigation determines issue is not a vulnerability"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2025-01-17T23:15Z",
"lastModifiedDate" : "2025-01-17T23:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0304",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282118",
"name" : "https://crbug.com/1282118",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282118",
"name" : "https://crbug.com/1282118",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0305",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282354",
"name" : "https://crbug.com/1282354",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://crbug.com/1282354",
"name" : "https://crbug.com/1282354",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0306",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166367/Chrome-chrome_pdf-PDFiumEngine-RequestThumbnail-Heap-Buffer-Overflow.html",
"name" : "http://packetstormsecurity.com/files/166367/Chrome-chrome_pdf-PDFiumEngine-RequestThumbnail-Heap-Buffer-Overflow.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166367/Chrome-chrome_pdf-PDFiumEngine-RequestThumbnail-Heap-Buffer-Overflow.html",
"name" : "http://packetstormsecurity.com/files/166367/Chrome-chrome_pdf-PDFiumEngine-RequestThumbnail-Heap-Buffer-Overflow.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283198",
"name" : "https://crbug.com/1283198",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://crbug.com/1283198",
"name" : "https://crbug.com/1283198",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0307",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281881",
"name" : "https://crbug.com/1281881",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281881",
"name" : "https://crbug.com/1281881",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0308",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282480",
"name" : "https://crbug.com/1282480",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282480",
"name" : "https://crbug.com/1282480",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0309",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1240472",
"name" : "https://crbug.com/1240472",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://crbug.com/1240472",
"name" : "https://crbug.com/1240472",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0310",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283805",
"name" : "https://crbug.com/1283805",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://crbug.com/1283805",
"name" : "https://crbug.com/1283805",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0311",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283807",
"name" : "https://crbug.com/1283807",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://crbug.com/1283807",
"name" : "https://crbug.com/1283807",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-12T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0313",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2661431",
"name" : "https://plugins.trac.wordpress.org/changeset/2661431",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2661431",
"name" : "https://plugins.trac.wordpress.org/changeset/2661431",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1ce6c8f4-6f4b-4d56-8d11-43355ef32e8c",
"name" : "https://wpscan.com/vulnerability/1ce6c8f4-6f4b-4d56-8d11-43355ef32e8c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1ce6c8f4-6f4b-4d56-8d11-43355ef32e8c",
"name" : "https://wpscan.com/vulnerability/1ce6c8f4-6f4b-4d56-8d11-43355ef32e8c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Float menu WordPress plugin before 4.3.1 does not have CSRF check in place when deleting menu, which could allow attackers to make a logged in admin delete them via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wow-estore:float_menu:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0314",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/17585f16-c62c-422d-ad9c-9138b6da97b7",
"name" : "https://wpscan.com/vulnerability/17585f16-c62c-422d-ad9c-9138b6da97b7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/17585f16-c62c-422d-ad9c-9138b6da97b7",
"name" : "https://wpscan.com/vulnerability/17585f16-c62c-422d-ad9c-9138b6da97b7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Nimble Page Builder WordPress plugin before 3.2.2 does not sanitise and escape the preview-level-guid parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:presscustomizr:nimble_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0315",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-668"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/horovod/horovod/commit/b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41",
"name" : "https://github.com/horovod/horovod/commit/b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/horovod/horovod/commit/b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41",
"name" : "https://github.com/horovod/horovod/commit/b96ecae4dc69fc0a83c7c2d3f1dde600c20a1b41",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7e50397b-dd63-4bb5-b56d-704094a7da45",
"name" : "https://huntr.dev/bounties/7e50397b-dd63-4bb5-b56d-704094a7da45",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7e50397b-dd63-4bb5-b56d-704094a7da45",
"name" : "https://huntr.dev/bounties/7e50397b-dd63-4bb5-b56d-704094a7da45",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:horovod:horovod:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.24.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-24T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0316",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c",
"name" : "https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c",
"name" : "https://wpscan.com/vulnerability/9ab3d6cf-aad7-41bc-9aae-dc5313f12f7c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chimpgroup:westand:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chimpgroup:bolster:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:soundblast_project:soundblast:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:spikes-black_project:spikes-black:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chimpgroup:spikes:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pixfill:kings_club:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:club-theme_project:club-theme:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:statfort_project:statfort:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aidreform_project:aidreform:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:footysquare_project:footysquare:-:*:*:*:*:wordpress:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-01-23T15:15Z",
"lastModifiedDate" : "2025-04-03T20:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0317",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p",
"name" : "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p",
"name" : "https://github.com/google/go-attestation/security/advisories/GHSA-99cg-575x-774p",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR values in Eventlog.Verify lacks the authentication performed by quote verification, meaning a local attacker could couple this vulnerability with a maliciously-crafted TCG log in Eventlog.Verify to spoof events in the TCG log, hence defeating remotely-attested measured-boot. We recommend upgrading to Version 0.4.0 or above."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:go-attestation:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.3.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 3.3,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0318",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc",
"name" : "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc",
"name" : "https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08",
"name" : "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08",
"name" : "https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20241115-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20241115-0004/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4151",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-21T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0319",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9",
"name" : "https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9",
"name" : "https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b",
"name" : "https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b",
"name" : "https://huntr.dev/bounties/ba622fd2-e6ef-4ad9-95b4-17f87b68755b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4154",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-21T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0320",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-22"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0d02b222-e672-4ac0-a1d4-d34e1ecf4a95",
"name" : "https://wpscan.com/vulnerability/0d02b222-e672-4ac0-a1d4-d34e1ecf4a95",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d02b222-e672-4ac0-a1d4-d34e1ecf4a95",
"name" : "https://wpscan.com/vulnerability/0d02b222-e672-4ac0-a1d4-d34e1ecf4a95",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Essential Addons for Elementor WordPress plugin before 5.0.5 does not validate and sanitise some template data before it them in include statements, which could allow unauthenticated attackers to perform Local File Inclusion attack and read arbitrary files on the server, this could also lead to RCE via user uploaded files or other LFI to RCE techniques."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.0.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-01T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0321",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/286b81a0-6f6d-4024-9bbc-6cb373990a7a",
"name" : "https://wpscan.com/vulnerability/286b81a0-6f6d-4024-9bbc-6cb373990a7a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/286b81a0-6f6d-4024-9bbc-6cb373990a7a",
"name" : "https://wpscan.com/vulnerability/286b81a0-6f6d-4024-9bbc-6cb373990a7a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Voting Contest WordPress plugin before 3.0 does not sanitise and escape the post_id parameter before outputting it back in the response via the wpvc_social_share_icons AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ohiowebtech:wp_voting_contest:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0322",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-704"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042822",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042822",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042822",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042822",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2d859e3fc97e79d907761550dbc03ff1b36479c",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the sctp_make_strreset_req function in net/sctp/sm_make_chunk.c in the SCTP network protocol in the Linux kernel with a local user privilege access. In this flaw, an attempt to use more buffer than is allocated triggers a BUG_ON issue, leading to a denial of service (DOS)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.15:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.15:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.15:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.15:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.15:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.15:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_network_exposure_function:22.1.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0323",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-94"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/bobthecow/mustache.php/commit/579ffa5c96e1d292c060b3dd62811ff01ad8c24e",
"name" : "https://github.com/bobthecow/mustache.php/commit/579ffa5c96e1d292c060b3dd62811ff01ad8c24e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/bobthecow/mustache.php/commit/579ffa5c96e1d292c060b3dd62811ff01ad8c24e",
"name" : "https://github.com/bobthecow/mustache.php/commit/579ffa5c96e1d292c060b3dd62811ff01ad8c24e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a5f5a988-aa52-4443-839d-299a63f44fb7",
"name" : "https://huntr.dev/bounties/a5f5a988-aa52-4443-839d-299a63f44fb7",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a5f5a988-aa52-4443-839d-299a63f44fb7",
"name" : "https://huntr.dev/bounties/a5f5a988-aa52-4443-839d-299a63f44fb7",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mustache_project:mustache:*:*:*:*:*:php:*:*",
"versionStartIncluding" : "2.0.0",
"versionEndExcluding" : "2.14.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-21T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0324",
"ASSIGNER" : "cve_disclosure@tech.gov.sg"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
}, {
"lang" : "en",
"value" : "CWE-120"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9",
"name" : "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9",
"name" : "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html",
"name" : "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html",
"name" : "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.\n\nDiscovered by Eugene Lim of GovTech Singapore.\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:linuxfoundation:software_for_open_networking_in_the_cloud:202111:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-11-14T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0326",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e",
"name" : "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e",
"name" : "https://github.com/mruby/mruby/commit/b611c43a5de061ec21b343967e1b64c45c373d7e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976",
"name" : "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976",
"name" : "https://huntr.dev/bounties/795dcbd9-1695-44bb-8c59-ad327c97c976",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-21T07:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0327",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/df38cc99-da3c-4cc0-b179-1e52e841b883",
"name" : "https://wpscan.com/vulnerability/df38cc99-da3c-4cc0-b179-1e52e841b883",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/df38cc99-da3c-4cc0-b179-1e52e841b883",
"name" : "https://wpscan.com/vulnerability/df38cc99-da3c-4cc0-b179-1e52e841b883",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the error_message parameter before outputting it back in the response of the jltma_restrict_content AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jeweltheme:master_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.8.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0328",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2662855",
"name" : "https://plugins.trac.wordpress.org/changeset/2662855",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2662855",
"name" : "https://plugins.trac.wordpress.org/changeset/2662855",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/44532b7c-4d0d-4959-ada4-733f377d6ec9",
"name" : "https://wpscan.com/vulnerability/44532b7c-4d0d-4959-ada4-733f377d6ec9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/44532b7c-4d0d-4959-ada4-733f377d6ec9",
"name" : "https://wpscan.com/vulnerability/44532b7c-4d0d-4959-ada4-733f377d6ec9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Simple Membership WordPress plugin before 4.0.9 does not have CSRF check when deleting members in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.0.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0329",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-01-21T11:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0330",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-281"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/11/30/1",
"name" : "[oss-security] 20221130 Security sensitive bug in the i915 kernel driver (CVE-2022-4139)",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/11/30/1",
"name" : "[oss-security] 20221130 Security sensitive bug in the i915 kernel driver (CVE-2022-4139)",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042404",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042404",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042404",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2042404",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220526-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220526-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220526-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220526-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/01/25/12",
"name" : "https://www.openwall.com/lists/oss-security/2022/01/25/12",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/01/25/12",
"name" : "https://www.openwall.com/lists/oss-security/2022/01/25/12",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:3scale_api_management:2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:ovirt-node:4.4.10:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0331",
"ASSIGNER" : "security-alert@sophos.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220328-sfos-18-5-3",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "18.5.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0332",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043661",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043661",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043661",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043661",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431099",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431099",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431099",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431099",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Moodle in versions 3.11 to 3.11.4. An SQL injection risk was identified in the h5p activity web service responsible for fetching user attempt data."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-25T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0333",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043663",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043663",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043663",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043663",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431100",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431100",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431100",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431100",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The calendar:manageentries capability allowed managers to access or modify any calendar event, but should have been restricted from accessing user level events."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndExcluding" : "3.9.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.10.0",
"versionEndExcluding" : "3.10.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.8.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 3.8,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.2,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-25T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0334",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-668"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043664",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043664",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043664",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043664",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431102",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431102",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431102",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431102",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. Insufficient capability checks could lead to users accessing their grade report for courses where they did not have the required gradereport/user:view capability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.10.0",
"versionEndExcluding" : "3.10.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.8.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndIncluding" : "3.9.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-25T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0335",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043666",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043666",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043666",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2043666",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431103",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431103",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://moodle.org/mod/forum/discuss.php?d=431103",
"name" : "https://moodle.org/mod/forum/discuss.php?d=431103",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The \"delete badge alignment\" functionality did not include the necessary token check to prevent a CSRF risk."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndExcluding" : "3.9.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.10.0",
"versionEndExcluding" : "3.10.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.8.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-25T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0336",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-276"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0336",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0336",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0336",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0336",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046134",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046134",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046134",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046134",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.samba.org/show_bug.cgi?id=14950",
"name" : "https://bugzilla.samba.org/show_bug.cgi?id=14950",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.samba.org/show_bug.cgi?id=14950",
"name" : "https://bugzilla.samba.org/show_bug.cgi?id=14950",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c",
"name" : "https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c",
"name" : "https://github.com/samba-team/samba/commit/1a5dc817c0c9379bbaab14c676681b42b0039a3c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400",
"name" : "https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400",
"name" : "https://github.com/samba-team/samba/commit/c58ede44f382bd0125f761f0479c8d48156be400",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202309-06",
"name" : "GLSA-202309-06",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202309-06",
"name" : "GLSA-202309-06",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.samba.org/samba/security/CVE-2022-0336.html",
"name" : "https://www.samba.org/samba/security/CVE-2022-0336.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.samba.org/samba/security/CVE-2022-0336.html",
"name" : "https://www.samba.org/samba/security/CVE-2022-0336.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.14.0",
"versionEndExcluding" : "4.14.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.15.0",
"versionEndExcluding" : "4.15.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.0.0",
"versionEndExcluding" : "4.13.17",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0337",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-668"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1247389",
"name" : "https://crbug.com/1247389",
"refsource" : "",
"tags" : [ "Exploit", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1247389",
"name" : "https://crbug.com/1247389",
"refsource" : "",
"tags" : [ "Exploit", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in File System API in Google Chrome on Windows prior to 97.0.4692.71 allowed a remote attacker to obtain potentially sensitive information via a crafted HTML page. (Chrome security severity: High)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0.4692.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2023-01-02T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0338",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa",
"name" : "https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa",
"name" : "https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/359bea50-2bc6-426a-b2f9-175d401b1ed0",
"name" : "https://huntr.dev/bounties/359bea50-2bc6-426a-b2f9-175d401b1ed0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/359bea50-2bc6-426a-b2f9-175d401b1ed0",
"name" : "https://huntr.dev/bounties/359bea50-2bc6-426a-b2f9-175d401b1ed0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insertion of Sensitive Information into Log File in Conda loguru prior to 0.5.3.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:loguru_project:loguru:*:*:*:*:*:python:*:*",
"versionEndExcluding" : "0.5.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-25T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0339",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"name" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"name" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369",
"name" : "https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369",
"name" : "https://huntr.dev/bounties/499688c4-6ac4-4047-a868-7922c3eab369",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-30T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0341",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5",
"name" : "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5",
"name" : "https://github.com/vanessa219/vditor/commit/219f8a9e272aba3cbc0096a82cac776532dbb9e5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628",
"name" : "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628",
"name" : "https://huntr.dev/bounties/fa546b57-bc15-4705-824e-9474b616f628",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:b3log:vditor:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.8.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T04:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0342",
"ASSIGNER" : "security@zyxel.com.tw"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml",
"name" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml",
"name" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-authentication-bypass-vulnerability-of-firewalls.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg40:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg40w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg40w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg60_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg60:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg60w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg60w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:zywall_110_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:zywall_110:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:zywall_310_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:zywall_310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:zywall_1100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:zywall_1100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.30",
"versionEndExcluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.30",
"versionEndExcluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.30",
"versionEndExcluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.30",
"versionEndExcluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:nsg300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.20",
"versionEndExcluding" : "1.33",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:nsg300_firmware:1.33:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:nsg300_firmware:1.33:p4:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:nsg300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0343",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://android-review.googlesource.com/c/platform/external/perfetto/+/1999296/",
"name" : "https://android-review.googlesource.com/c/platform/external/perfetto/+/1999296/",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://android-review.googlesource.com/c/platform/external/perfetto/+/1999296/",
"name" : "https://android-review.googlesource.com/c/platform/external/perfetto/+/1999296/",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A local attacker, as a different local user, may be able to send a HTTP request to 127.0.0.1:10000 after the user (typically a developer) manually invoked the ./tools/run-dev-server script. It is recommended to upgrade to any version beyond 24.2"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:perfetto:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "24.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0344",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0344.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0344.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0344.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0344.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/37015",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/37015",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/37015",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/37015",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://hackerone.com/reports/724880",
"name" : "https://hackerone.com/reports/724880",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/724880",
"name" : "https://hackerone.com/reports/724880",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1. Private project paths can be disclosed to unauthorized users via system notes when an Issue is closed via a Merge Request and later moved to a public project"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:14.7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0345",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b3b523b9-6c92-4091-837a-d34e3174eb19",
"name" : "https://wpscan.com/vulnerability/b3b523b9-6c92-4091-837a-d34e3174eb19",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b3b523b9-6c92-4091-837a-d34e3174eb19",
"name" : "https://wpscan.com/vulnerability/b3b523b9-6c92-4091-837a-d34e3174eb19",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Customize WordPress Emails and Alerts WordPress plugin before 1.8.7 does not have authorisation and CSRF check in its bnfw_search_users AJAX action, allowing any authenticated users to call it and query for user e-mail prefixes (finding the first letter, then the second one, then the third one etc.)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:madewithfuel:customize_wordpress_emails_and_alerts:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.8.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0346",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4b339390-d71a-44e0-8682-51a12bd2bfe6",
"name" : "https://wpscan.com/vulnerability/4b339390-d71a-44e0-8682-51a12bd2bfe6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4b339390-d71a-44e0-8682-51a12bd2bfe6",
"name" : "https://wpscan.com/vulnerability/4b339390-d71a-44e0-8682-51a12bd2bfe6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:xmlsitemapgenerator:xml_sitemap_generator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-23T08:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0347",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a5084367-842b-496a-a23c-24dbebac1e8b",
"name" : "https://wpscan.com/vulnerability/a5084367-842b-496a-a23c-24dbebac1e8b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a5084367-842b-496a-a23c-24dbebac1e8b",
"name" : "https://wpscan.com/vulnerability/a5084367-842b-496a-a23c-24dbebac1e8b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The LoginPress | Custom Login Page Customizer WordPress plugin before 1.5.12 does not escape the redirect-page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpbrigade:loginpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.5.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0348",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/832c34aeb9f21f213295a0c28377132df996352a",
"name" : "https://github.com/pimcore/pimcore/commit/832c34aeb9f21f213295a0c28377132df996352a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/832c34aeb9f21f213295a0c28377132df996352a",
"name" : "https://github.com/pimcore/pimcore/commit/832c34aeb9f21f213295a0c28377132df996352a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/250e79be-7e5d-4ba3-9c34-655e39ade2f4",
"name" : "https://huntr.dev/bounties/250e79be-7e5d-4ba3-9c34-655e39ade2f4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/250e79be-7e5d-4ba3-9c34-655e39ade2f4",
"name" : "https://huntr.dev/bounties/250e79be-7e5d-4ba3-9c34-655e39ade2f4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-27T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0349",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a",
"name" : "https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a",
"name" : "https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.3.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0350",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476",
"name" : "https://github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476",
"name" : "https://github.com/vanessa219/vditor/commit/e912e36ea98251d700499b1ac7702708d3398476",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c",
"name" : "https://huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c",
"name" : "https://huntr.dev/bounties/8202aa06-4b49-45ff-aa0f-00982f62005c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository vanessa219/vditor prior to 3.8.13."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:b3log:vditor:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.8.13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-31T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0351",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-119"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d",
"name" : "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d",
"name" : "https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161",
"name" : "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161",
"name" : "https://huntr.dev/bounties/8b36db58-b65c-4298-be7f-40b9e37fd161",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "12.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-25T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0352",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1",
"name" : "https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1",
"name" : "https://github.com/janeczku/calibre-web/commit/6bf07539788004513c3692c074ebc7ba4ce005e1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717",
"name" : "https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717",
"name" : "https://huntr.dev/bounties/a577ff17-2ded-4c41-84ae-6ac02440f717",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-28T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0353",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-102365",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-102365",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-102365",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-102365",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-94532",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-94532",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-94532",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-94532",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "\nA denial of service vulnerability was reported in the Lenovo HardwareScanPlugin versions prior to \n\n1.3.1.2\n\n and \n\nLenovo Diagnostics versions prior to 4.45\n\n that could allow a local user with administrative access to trigger a system crash.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:diagnostics:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.45.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:hardwarescan_addin:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.4.1.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:hardwarescan_plugin:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3.1.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 4.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2023-10-25T18:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0354",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-76673",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-76673",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-76673",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-76673",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.infosec.tirol/cve-2022-0354/",
"name" : "https://www.infosec.tirol/cve-2022-0354/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.infosec.tirol/cve-2022-0354/",
"name" : "https://www.infosec.tirol/cve-2022-0354/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2022-02-25",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-22T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0355",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
"name" : "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
"name" : "https://github.com/advisories/GHSA-wpg7-2c88-r8xv",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f",
"name" : "https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f",
"name" : "https://github.com/feross/simple-get/commit/e4af095e06cd69a9235013e8507e220a79b9684f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31",
"name" : "https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31",
"name" : "https://huntr.dev/bounties/42c79c23-6646-46c4-871d-219c0d4b4e31",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Removal of Sensitive Information Before Storage or Transfer in NPM simple-get prior to 4.0.1.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:simple-get_project:simple-get:4.0.0:*:*:*:*:node.js:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:simple-get_project:simple-get:*:*:*:*:*:node.js:*:*",
"versionStartIncluding" : "3.0.0",
"versionEndExcluding" : "3.1.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:simple-get_project:simple-get:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "2.8.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-26T04:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0357",
"ASSIGNER" : "cve-requests@bitdefender.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security",
"name" : "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security",
"name" : "https://www.bitdefender.com/support/security-advisories/improper-quoting-path-issue-in-bitdefender-total-security",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unquoted Search Path or Element vulnerability in the Vulnerability Scan component of Bitdefender Total Security, Bitdefender Internet Security, and Bitdefender Antivirus Plus allows an attacker to elevate privileges to SYSTEM.\n\nThis issue affects:\n\nBitdefender Total Security\nversions prior to 26.0.10.45.\nBitdefender Internet Security\nversions prior to 26.0.10.45.\nBitdefender Antivirus Plus\nversions prior to 26.0.10.45."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:total_security:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "26.0.10.45",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:internet_security:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "26.0.10.45",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:antivirus_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "26.0.10.45",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-05-24T08:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0358",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-273"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0358",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0358",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0358",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0358",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044863",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044863",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044863",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044863",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca",
"name" : "https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca",
"name" : "https://gitlab.com/qemu-project/qemu/-/commit/449e8171f96a6a944d1f3b7d3627ae059eae21ca",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221007-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221007-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221007-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221007-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to CVE-2018-13405. A local guest user can create files in the directories shared by virtio-fs with unintended group ownership in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of the group. This could allow a malicious unprivileged user inside the guest to gain access to resources accessible to the root group, potentially escalating their privileges within the guest. A malicious local user in the host might also leverage this unexpected executable file created by the guest to escalate their privileges on the host system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.2.0-7",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0359",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1",
"name" : "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1",
"name" : "https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def",
"name" : "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def",
"name" : "https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4214",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "12.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0360",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2662897",
"name" : "https://plugins.trac.wordpress.org/changeset/2662897",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2662897",
"name" : "https://plugins.trac.wordpress.org/changeset/2662897",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d718b993-4de5-499c-84c9-69801396f51f",
"name" : "https://wpscan.com/vulnerability/d718b993-4de5-499c-84c9-69801396f51f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d718b993-4de5-499c-84c9-69801396f51f",
"name" : "https://wpscan.com/vulnerability/d718b993-4de5-499c-84c9-69801396f51f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Easy Drag And drop All Import : WP Ultimate CSV Importer WordPress plugin before 6.4.3 does not sanitise and escaped imported comments, which could allow high privilege users to import malicious ones (either intentionnaly or not) and lead to Stored Cross-Site Scripting issues"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:smackcoders:import_all_pages\\,_post_types\\,_products\\,_orders\\,_and_users_as_xml_\\&_csv:*:*:*:*:wordpress:*:*:*",
"versionEndExcluding" : "6.4.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0361",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366",
"name" : "https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366",
"name" : "https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b",
"name" : "https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b",
"name" : "https://huntr.dev/bounties/a055618c-0311-409c-a78a-99477121965b",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4215",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "12.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0362",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/2b34e267e4186125f99bfa420140634ad45801fb",
"name" : "https://github.com/star7th/showdoc/commit/2b34e267e4186125f99bfa420140634ad45801fb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/2b34e267e4186125f99bfa420140634ad45801fb",
"name" : "https://github.com/star7th/showdoc/commit/2b34e267e4186125f99bfa420140634ad45801fb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e7c72417-eb8f-416c-8480-be76ac0a9091",
"name" : "https://huntr.dev/bounties/e7c72417-eb8f-416c-8480-be76ac0a9091",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e7c72417-eb8f-416c-8480-be76ac0a9091",
"name" : "https://huntr.dev/bounties/e7c72417-eb8f-416c-8480-be76ac0a9091",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "SQL Injection in Packagist showdoc/showdoc prior to 2.10.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-26T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0363",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a438a951-497c-43cd-822f-1a48d4315191",
"name" : "https://wpscan.com/vulnerability/a438a951-497c-43cd-822f-1a48d4315191",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a438a951-497c-43cd-822f-1a48d4315191",
"name" : "https://wpscan.com/vulnerability/a438a951-497c-43cd-822f-1a48d4315191",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The myCred WordPress plugin before 2.4.3.1 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call it and import mycred setup, thus creating badges, managing points or creating arbitrary posts."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mycred:mycred:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0364",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0eb40cd5-838e-4b53-994d-22cf7c8a6c50",
"name" : "https://wpscan.com/vulnerability/0eb40cd5-838e-4b53-994d-22cf7c8a6c50",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0eb40cd5-838e-4b53-994d-22cf7c8a6c50",
"name" : "https://wpscan.com/vulnerability/0eb40cd5-838e-4b53-994d-22cf7c8a6c50",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Modern Events Calendar Lite WordPress plugin before 6.4.0 does not sanitize and escape some of the Hourly Schedule parameters which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:webnus:modern_events_calendar_lite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.4.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0365",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-78"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-032-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-032-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-032-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-032-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:riconmobile:s9922l_firmware:16.10.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:riconmobile:s9922l:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:riconmobile:s9922xl_firmware:16.10.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:riconmobile:s9922xl:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0366",
"ASSIGNER" : "security-alert@sophos.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220201-cap8-console-sqli",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220201-cap8-console-sqli",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220201-cap8-console-sqli",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220201-cap8-console-sqli",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An authenticated and authorized agent user could potentially gain administrative access via an SQLi vulnerability to Capsule8 Console between versions 4.6.0 and 4.9.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:capsule8:capsule8:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.6.0",
"versionEndExcluding" : "4.10.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-02T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0367",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045571",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045571",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045571",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2045571",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/stephane/libmodbus/commit/b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6",
"name" : "https://github.com/stephane/libmodbus/commit/b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/stephane/libmodbus/commit/b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6",
"name" : "https://github.com/stephane/libmodbus/commit/b4ef4c17d618eba0adccc4c7d9e9a1ef809fc9b6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/stephane/libmodbus/issues/614",
"name" : "https://github.com/stephane/libmodbus/issues/614",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/stephane/libmodbus/issues/614",
"name" : "https://github.com/stephane/libmodbus/issues/614",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00007.html",
"name" : "[debian-lts-announce] 20220904 [SECURITY] [DLA 3098-1] libmodbus security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00007.html",
"name" : "[debian-lts-announce] 20220904 [SECURITY] [DLA 3098-1] libmodbus security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libmodbus:libmodbus:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.7",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0368",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa",
"name" : "https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa",
"name" : "https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9",
"name" : "https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9",
"name" : "https://huntr.dev/bounties/bca9ce1f-400a-4bf9-9207-3f3187cb3fa9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4217",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "12.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0369",
"ASSIGNER" : "zdi-disclosures@trendmicro.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-23-450/",
"name" : "ZDI-23-450",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-23-450/",
"name" : "ZDI-23-450",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.\n\nThe specific flaw exists within the Restore Workspace feature. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-17227."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:trianglemicroworks:scada_data_gateway:5.01.01:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2024-05-07T23:15Z",
"lastModifiedDate" : "2025-08-14T01:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0370",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/9f5bc33c943349bd765b991db0b7f6b6ef05cfdb",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/9f5bc33c943349bd765b991db0b7f6b6ef05cfdb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/9f5bc33c943349bd765b991db0b7f6b6ef05cfdb",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/9f5bc33c943349bd765b991db0b7f6b6ef05cfdb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fbe4b376-57ce-42cd-a9a9-049c4099b3ca",
"name" : "https://huntr.dev/bounties/fbe4b376-57ce-42cd-a9a9-049c4099b3ca",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fbe4b376-57ce-42cd-a9a9-049c4099b3ca",
"name" : "https://huntr.dev/bounties/fbe4b376-57ce-42cd-a9a9-049c4099b3ca",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:livehelperchat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.93v",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-27T06:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0371",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0371.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0371.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0371.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0371.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/350476",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/350476",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/350476",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/350476",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 before 14.5.4, all versions starting from 14.6 before 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails even if a user set their email to private."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "11.4",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "11.4",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0372",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/cdc913d16cf624aee852bc9163a7c6ffc8d1da9d",
"name" : "https://github.com/crater-invoice/crater/commit/cdc913d16cf624aee852bc9163a7c6ffc8d1da9d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/cdc913d16cf624aee852bc9163a7c6ffc8d1da9d",
"name" : "https://github.com/crater-invoice/crater/commit/cdc913d16cf624aee852bc9163a7c6ffc8d1da9d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/563232b9-5a93-4f4d-8389-ed805b262ef1",
"name" : "https://huntr.dev/bounties/563232b9-5a93-4f4d-8389-ed805b262ef1",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/563232b9-5a93-4f4d-8389-ed805b262ef1",
"name" : "https://huntr.dev/bounties/563232b9-5a93-4f4d-8389-ed805b262ef1",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist bytefury/crater prior to 6.0.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-27T08:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0373",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0373.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0373.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0373.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0373.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349881",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349881",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349881",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349881",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1439254",
"name" : "https://hackerone.com/reports/1439254",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1439254",
"name" : "https://hackerone.com/reports/1439254",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 allows project non-members to retrieve the service desk email address"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "12.4.0",
"versionEndExcluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "12.4.0",
"versionEndExcluding" : "14.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0374",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f8b560a6-aa19-4262-8ae4-cf88204310ef",
"name" : "https://huntr.dev/bounties/f8b560a6-aa19-4262-8ae4-cf88204310ef",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f8b560a6-aa19-4262-8ae4-cf88204310ef",
"name" : "https://huntr.dev/bounties/f8b560a6-aa19-4262-8ae4-cf88204310ef",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.93",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0375",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/bbfaa26ce54a2a86ce1a42a16496038f5bdfc102",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/28e1c356-6eaa-4d93-af56-938e3b4d40a7",
"name" : "https://huntr.dev/bounties/28e1c356-6eaa-4d93-af56-938e3b4d40a7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/28e1c356-6eaa-4d93-af56-938e3b4d40a7",
"name" : "https://huntr.dev/bounties/28e1c356-6eaa-4d93-af56-938e3b4d40a7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.93",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0376",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a3ca2ed4-11ea-4d78-aa4c-4ed58f258932",
"name" : "https://wpscan.com/vulnerability/a3ca2ed4-11ea-4d78-aa4c-4ed58f258932",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a3ca2ed4-11ea-4d78-aa4c-4ed58f258932",
"name" : "https://wpscan.com/vulnerability/a3ca2ed4-11ea-4d78-aa4c-4ed58f258932",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could allow high privilege users to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-30T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0377",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-327"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bozogullarindan.com/en/2022/01/wordpress-learnpress-plugin-4.1.4.1-arbitrary-image-renaming/",
"name" : "https://bozogullarindan.com/en/2022/01/wordpress-learnpress-plugin-4.1.4.1-arbitrary-image-renaming/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://bozogullarindan.com/en/2022/01/wordpress-learnpress-plugin-4.1.4.1-arbitrary-image-renaming/",
"name" : "https://bozogullarindan.com/en/2022/01/wordpress-learnpress-plugin-4.1.4.1-arbitrary-image-renaming/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/LearnPress/learnpress/commit/d1dc4af7ef2950f1000abc21bd9520fb3eb98faf",
"name" : "https://github.com/LearnPress/learnpress/commit/d1dc4af7ef2950f1000abc21bd9520fb3eb98faf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/LearnPress/learnpress/commit/d1dc4af7ef2950f1000abc21bd9520fb3eb98faf",
"name" : "https://github.com/LearnPress/learnpress/commit/d1dc4af7ef2950f1000abc21bd9520fb3eb98faf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d95ada6-53e3-4a80-a395-eacd7b090f26",
"name" : "https://wpscan.com/vulnerability/0d95ada6-53e3-4a80-a395-eacd7b090f26",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d95ada6-53e3-4a80-a395-eacd7b090f26",
"name" : "https://wpscan.com/vulnerability/0d95ada6-53e3-4a80-a395-eacd7b090f26",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a \"POST\" request that contains user supplied name of the image is sent to the server for renaming and cropping of the image. As a result of this request, the name of the user-supplied image is changed with a MD5 value. This process can be conducted only when type of the image is JPG or PNG. An attacker can use this vulnerability in order to rename an arbitrary image file. By doing this, they could destroy the design of the web site."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.1.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0378",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce",
"name" : "https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce",
"name" : "https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31",
"name" : "https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31",
"name" : "https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0379",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b",
"name" : "https://github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b",
"name" : "https://github.com/microweber/microweber/commit/f017cbfbd5c4f097d2c78c5e15b6c8a9da479d7b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6",
"name" : "https://huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6",
"name" : "https://huntr.dev/bounties/933f94b8-c5e7-4c3a-92e0-4d1577d5fee6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-26T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0380",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/browser/fotobook/tags/3.2.3/options-fotobook.php#L128",
"name" : "https://plugins.trac.wordpress.org/browser/fotobook/tags/3.2.3/options-fotobook.php#L128",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/fotobook/tags/3.2.3/options-fotobook.php#L128",
"name" : "https://plugins.trac.wordpress.org/browser/fotobook/tags/3.2.3/options-fotobook.php#L128",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-03801",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-03801",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-03801",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-03801",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Fotobook WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping and the use of $_SERVER['PHP_SELF'] found in the ~/options-fotobook.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 3.2.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fotobook_project:fotobook:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0381",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3",
"name" : "https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3",
"name" : "https://gist.github.com/Xib3rR4dAr/4b3ea7960914e23c3a875b973a5b37a3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/embed-swagger/trunk/swagger-iframe.php#L59",
"name" : "https://plugins.trac.wordpress.org/browser/embed-swagger/trunk/swagger-iframe.php#L59",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/browser/embed-swagger/trunk/swagger-iframe.php#L59",
"name" : "https://plugins.trac.wordpress.org/browser/embed-swagger/trunk/swagger-iframe.php#L59",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0381",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0381",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0381",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0381",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Embed Swagger WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to insufficient escaping/sanitization and validation via the url parameter found in the ~/swagger-iframe.php file which allows attackers to inject arbitrary web scripts onto the page, in versions up to and including 1.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:embed_swagger_project:embed_swagger:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0382",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-909"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523",
"name" : "https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523",
"name" : "https://github.com/torvalds/linux/commit/d6d86830705f173fca6087a3e67ceaf68db80523",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An information leak flaw was found due to uninitialized memory in the Linux kernel's TIPC protocol subsystem, in the way a user sends a TIPC datagram to one or more destinations. This flaw allows a local user to read some kernel memory. This issue is limited to no more than 7 bytes, and the user cannot control what is read. This flaw affects the Linux kernel versions prior to 5.17-rc1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "5.16.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0383",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2666513",
"name" : "https://plugins.trac.wordpress.org/changeset/2666513",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2666513",
"name" : "https://plugins.trac.wordpress.org/changeset/2666513",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e0402753-3a80-455b-9fab-a7d2a7687193",
"name" : "https://wpscan.com/vulnerability/e0402753-3a80-455b-9fab-a7d2a7687193",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e0402753-3a80-455b-9fab-a7d2a7687193",
"name" : "https://wpscan.com/vulnerability/e0402753-3a80-455b-9fab-a7d2a7687193",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Review Slider WordPress plugin before 11.0 does not sanitise and escape the pid parameter when copying a Twitter source, which could allow a high privilege users to perform SQL Injections attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ljapps:wp_review_slider:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "11.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0384",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2671219",
"name" : "https://plugins.trac.wordpress.org/changeset/2671219",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2671219",
"name" : "https://plugins.trac.wordpress.org/changeset/2671219",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/91c44c45-994b-4aed-b9f9-7db45924eeb4",
"name" : "https://wpscan.com/vulnerability/91c44c45-994b-4aed-b9f9-7db45924eeb4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/91c44c45-994b-4aed-b9f9-7db45924eeb4",
"name" : "https://wpscan.com/vulnerability/91c44c45-994b-4aed-b9f9-7db45924eeb4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Video Conferencing with Zoom WordPress plugin before 3.8.17 does not have authorisation in its vczapi_get_wp_users AJAX action, allowing any authenticated users, such as subscriber to download the list of email addresses registered on the blog"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:imdpen:video_conferencing_with_zoom:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.8.17",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0385",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/60067b8b-9fa5-40d1-817a-929779947891",
"name" : "https://wpscan.com/vulnerability/60067b8b-9fa5-40d1-817a-929779947891",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/60067b8b-9fa5-40d1-817a-929779947891",
"name" : "https://wpscan.com/vulnerability/60067b8b-9fa5-40d1-817a-929779947891",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Crazy Bone WordPress plugin through 0.6.0 does not sanitise and escape the username submitted via the login from when displaying them back in the log dashboard, leading to an unauthenticated Stored Cross-Site scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:crazy_bone_project:crazy_bone:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "0.6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0386",
"ASSIGNER" : "security-alert@sophos.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.710",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-22T00:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0387",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/ff70c7dd641b68b9afb170b89ec1ef003a4e3444",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/ff70c7dd641b68b9afb170b89ec1ef003a4e3444",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/ff70c7dd641b68b9afb170b89ec1ef003a4e3444",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/ff70c7dd641b68b9afb170b89ec1ef003a4e3444",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2e09035b-8f98-4930-b7e8-7abe5f722b98",
"name" : "https://huntr.dev/bounties/2e09035b-8f98-4930-b7e8-7abe5f722b98",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2e09035b-8f98-4930-b7e8-7abe5f722b98",
"name" : "https://huntr.dev/bounties/2e09035b-8f98-4930-b7e8-7abe5f722b98",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:livehelperchat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.93v",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-27T06:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0388",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7d4ad1f3-6d27-4655-9796-ce370ef5fced",
"name" : "https://wpscan.com/vulnerability/7d4ad1f3-6d27-4655-9796-ce370ef5fced",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7d4ad1f3-6d27-4655-9796-ce370ef5fced",
"name" : "https://wpscan.com/vulnerability/7d4ad1f3-6d27-4655-9796-ce370ef5fced",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Interactive Medical Drawing of Human Body WordPress plugin before 2.6 does not sanitise and escape the Link field, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:humananatomyillustrations:interactive_medical_drawing_of_human_body:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0389",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/788ead78-9aa2-49a3-b191-12114be8270b",
"name" : "https://wpscan.com/vulnerability/788ead78-9aa2-49a3-b191-12114be8270b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/788ead78-9aa2-49a3-b191-12114be8270b",
"name" : "https://wpscan.com/vulnerability/788ead78-9aa2-49a3-b191-12114be8270b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Time Slots Booking Form WordPress plugin before 1.1.63 does not sanitise and escape Calendar names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:codepeople:wp_time_slots_booking_form:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.1.63",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0390",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0390.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0390.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0390.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0390.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/330030",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/330030",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/330030",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/330030",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1179733",
"name" : "https://hackerone.com/reports/1179733",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1179733",
"name" : "https://hackerone.com/reports/1179733",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "12.7.0",
"versionEndIncluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "12.7.0",
"versionEndIncluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndIncluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndIncluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:14.7.0:*:*:*:community:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:14.7.0:*:*:*:enterprise:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "HIGH",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0391",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-74"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugs.python.org/issue43882",
"name" : "https://bugs.python.org/issue43882",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://bugs.python.org/issue43882",
"name" : "https://bugs.python.org/issue43882",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"name" : "[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"name" : "[debian-lts-announce] 20230920 [SECURITY] [DLA 3575-1] python2.7 security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/",
"name" : "FEDORA-2022-18ad73aba6",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/",
"name" : "FEDORA-2022-18ad73aba6",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/",
"name" : "FEDORA-2022-ef99a016f6",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/",
"name" : "FEDORA-2022-ef99a016f6",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202305-02",
"name" : "GLSA-202305-02",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202305-02",
"name" : "GLSA-202305-02",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220225-0009/",
"name" : "https://security.netapp.com/advisory/ntap-20220225-0009/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220225-0009/",
"name" : "https://security.netapp.com/advisory/ntap-20220225-0009/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"name" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"name" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator (URL) strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\\r' and '\\n' in the URL path. This flaw allows an attacker to input a crafted URL, leading to injection attacks. This flaw affects Python versions prior to 3.10.0b1, 3.9.5, 3.8.11, 3.7.11 and 3.6.14."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:3.10.0:alpha1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:3.10.0:alpha2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:3.10.0:alpha3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:3.10.0:alpha4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:3.10.0:alpha5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:3.10.0:alpha6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndExcluding" : "3.9.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.8.0",
"versionEndExcluding" : "3.8.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.7.0",
"versionEndExcluding" : "3.7.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.6.14",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-09T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0392",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/43",
"name" : "20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a",
"name" : "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a",
"name" : "https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126",
"name" : "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126",
"name" : "https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213444",
"name" : "https://support.apple.com/kb/HT213444",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4218",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "12.6",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-28T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0393",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323",
"name" : "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323",
"name" : "https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba",
"name" : "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba",
"name" : "https://huntr.dev/bounties/ecc8f488-01a0-477f-848f-e30b8e524bba",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4233",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-28T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0394",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/d7b85466c217b3750eaccc8703ce54ba8785c4d3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272",
"name" : "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272",
"name" : "https://huntr.dev/bounties/e13823d0-271c-448b-a0c5-8549ea7ea272",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.93",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-28T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0395",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/8fdb4f67ac1a095331aa0fb4630ef9dfe8e75dcb",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/8fdb4f67ac1a095331aa0fb4630ef9dfe8e75dcb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/8fdb4f67ac1a095331aa0fb4630ef9dfe8e75dcb",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/8fdb4f67ac1a095331aa0fb4630ef9dfe8e75dcb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/36abbd6e-239e-4739-8c77-ba212b946a4a",
"name" : "https://huntr.dev/bounties/36abbd6e-239e-4739-8c77-ba212b946a4a",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/36abbd6e-239e-4739-8c77-ba212b946a4a",
"name" : "https://huntr.dev/bounties/36abbd6e-239e-4739-8c77-ba212b946a4a",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.93",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-28T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0396",
"ASSIGNER" : "security-officer@isc.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-404"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-637483.pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://kb.isc.org/v1/docs/cve-2022-0396",
"name" : "https://kb.isc.org/v1/docs/cve-2022-0396",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://kb.isc.org/v1/docs/cve-2022-0396",
"name" : "https://kb.isc.org/v1/docs/cve-2022-0396",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/",
"name" : "FEDORA-2022-14e36aac0c",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYD7US4HZRFUGAJ66ZTHFBYVP5N3OQBY/",
"name" : "FEDORA-2022-14e36aac0c",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-25",
"name" : "GLSA-202210-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-25",
"name" : "GLSA-202210-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:isc:bind:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.17.0",
"versionEndIncluding" : "9.18.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding" : "9.16.11",
"versionEndExcluding" : "9.16.27",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"versionStartIncluding" : "9.16.11",
"versionEndExcluding" : "9.16.27",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:1.0:sp1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siemens:sinec_ins:1.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "LOW",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0397",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c8091254-1ced-4363-ab7f-5b880447713d",
"name" : "https://wpscan.com/vulnerability/c8091254-1ced-4363-ab7f-5b880447713d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c8091254-1ced-4363-ab7f-5b880447713d",
"name" : "https://wpscan.com/vulnerability/c8091254-1ced-4363-ab7f-5b880447713d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WPC Smart Wishlist for WooCommerce WordPress plugin before 2.9.4 does not sanitise and escape the key parameter before outputting it back in the wishlist_quickview AJAX action's response (available to any authenticated user), leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpclever:wpc_smart_wishlist_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.9.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0398",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/21aec131-91ff-4300-ac7a-0bf31d6b2b24",
"name" : "https://wpscan.com/vulnerability/21aec131-91ff-4300-ac7a-0bf31d6b2b24",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/21aec131-91ff-4300-ac7a-0bf31d6b2b24",
"name" : "https://wpscan.com/vulnerability/21aec131-91ff-4300-ac7a-0bf31d6b2b24",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as subscriber to create arbitrary affiliate links, which could then be used to redirect users to an arbitrary website"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:caseproof:thirstyaffiliates_affiliate_link_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.10.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0399",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2678919",
"name" : "https://plugins.trac.wordpress.org/changeset/2678919",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2678919",
"name" : "https://plugins.trac.wordpress.org/changeset/2678919",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/5e5fdcf4-ec2b-4e73-8009-05606b2d5164",
"name" : "https://wpscan.com/vulnerability/5e5fdcf4-ec2b-4e73-8009-05606b2d5164",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/5e5fdcf4-ec2b-4e73-8009-05606b2d5164",
"name" : "https://wpscan.com/vulnerability/5e5fdcf4-ec2b-4e73-8009-05606b2d5164",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Advanced Product Labels for WooCommerce WordPress plugin before 1.2.3.7 does not sanitise and escape the tax_color_set_type parameter before outputting it back in the berocket_apl_color_listener AJAX action's response, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:berocket:advanced_product_labels_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0400",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0400",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0400",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0400",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0400",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040604",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040604",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040604",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2040604",
"refsource" : "",
"tags" : [ "Permissions Required" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044575",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044575",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044575",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044575",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An out-of-bounds read vulnerability was discovered in linux kernel in the smc protocol stack, causing remote dos."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0401",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/yuda-lyu/w-zip/commit/d7039d034e02fa358e6656565157cedf5fa83288",
"name" : "https://github.com/yuda-lyu/w-zip/commit/d7039d034e02fa358e6656565157cedf5fa83288",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/yuda-lyu/w-zip/commit/d7039d034e02fa358e6656565157cedf5fa83288",
"name" : "https://github.com/yuda-lyu/w-zip/commit/d7039d034e02fa358e6656565157cedf5fa83288",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d93259aa-ad03-43d6-8846-a00b9f58876d",
"name" : "https://huntr.dev/bounties/d93259aa-ad03-43d6-8846-a00b9f58876d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d93259aa-ad03-43d6-8846-a00b9f58876d",
"name" : "https://huntr.dev/bounties/d93259aa-ad03-43d6-8846-a00b9f58876d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Path Traversal in NPM w-zip prior to 1.0.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:w-zip_project:w-zip:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.0.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-01T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0402",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/RensTillmann/super-forms/commit/c19d65abbe43d9b6359c1bf3498dc697d0c19d02",
"name" : "https://github.com/RensTillmann/super-forms/commit/c19d65abbe43d9b6359c1bf3498dc697d0c19d02",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://github.com/RensTillmann/super-forms/commit/c19d65abbe43d9b6359c1bf3498dc697d0c19d02",
"name" : "https://github.com/RensTillmann/super-forms/commit/c19d65abbe43d9b6359c1bf3498dc697d0c19d02",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://wpscan.com/vulnerability/2e2e2478-2488-4c91-8af8-69b07783854f/",
"name" : "https://wpscan.com/vulnerability/2e2e2478-2488-4c91-8af8-69b07783854f/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2e2e2478-2488-4c91-8af8-69b07783854f/",
"name" : "https://wpscan.com/vulnerability/2e2e2478-2488-4c91-8af8-69b07783854f/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Super Forms - Drag & Drop Form Builder WordPress plugin before 6.0.4 does not escape the bob_czy_panstwa_sprawa_zostala_rozwiazana parameter before outputting it back in an attribute via the super_language_switcher AJAX action, leading to a Reflected Cross-Site Scripting. The action is also lacking CSRF, making the attack easier to perform against any user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:super-forms:super_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2024-01-16T16:15Z",
"lastModifiedDate" : "2025-06-20T17:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0403",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/997a7fbf-98c6-453e-ad84-75c1e91d5a1e",
"name" : "https://wpscan.com/vulnerability/997a7fbf-98c6-453e-ad84-75c1e91d5a1e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/997a7fbf-98c6-453e-ad84-75c1e91d5a1e",
"name" : "https://wpscan.com/vulnerability/997a7fbf-98c6-453e-ad84-75c1e91d5a1e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users, such as subscriber to call it. Furthermore, as the options passed to the elFinder library does not restrict any file type, users with a role as low as subscriber can Create/Upload/Delete Arbitrary files and folders."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpjos:library_file_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0404",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/6d0932bb-d515-4432-b67b-16aba34bd285",
"name" : "https://wpscan.com/vulnerability/6d0932bb-d515-4432-b67b-16aba34bd285",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6d0932bb-d515-4432-b67b-16aba34bd285",
"name" : "https://wpscan.com/vulnerability/6d0932bb-d515-4432-b67b-16aba34bd285",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check authorization or that the option mentioned in the notice param belongs to the plugin when processing requests to the cf7md_dismiss_notice action, allowing any logged in user (with roles as low as Subscriber) to set arbitrary options to true, potentially leading to Denial of Service by breaking the site."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:material_design_for_contact_form_7_project:material_design_for_contact_form_7:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.6.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0405",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"name" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"name" : "https://github.com/janeczku/calibre-web/commit/3b216bfa07ec7992eff03e55d61732af6df9bb92",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/370538f6-5312-4c15-9fc0-b4c36ac236fe",
"name" : "https://huntr.dev/bounties/370538f6-5312-4c15-9fc0-b4c36ac236fe",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/370538f6-5312-4c15-9fc0-b4c36ac236fe",
"name" : "https://huntr.dev/bounties/370538f6-5312-4c15-9fc0-b4c36ac236fe",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-03T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0406",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/e0e04220109920575179a8f924543449c6de0706",
"name" : "https://github.com/janeczku/calibre-web/commit/e0e04220109920575179a8f924543449c6de0706",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/e0e04220109920575179a8f924543449c6de0706",
"name" : "https://github.com/janeczku/calibre-web/commit/e0e04220109920575179a8f924543449c6de0706",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d7498799-4797-4751-b5e2-b669e729d5db",
"name" : "https://huntr.dev/bounties/d7498799-4797-4751-b5e2-b669e729d5db",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d7498799-4797-4751-b5e2-b669e729d5db",
"name" : "https://huntr.dev/bounties/d7498799-4797-4751-b5e2-b669e729d5db",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-03T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0407",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e",
"name" : "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e",
"name" : "https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c",
"name" : "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c",
"name" : "https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4219",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-30T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0408",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31",
"name" : "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31",
"name" : "https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d",
"name" : "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d",
"name" : "https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4247",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-30T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0409",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/7383d7a3c1b0807b6f397ba7df415a0ce7ccc436",
"name" : "https://github.com/star7th/showdoc/commit/7383d7a3c1b0807b6f397ba7df415a0ce7ccc436",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/7383d7a3c1b0807b6f397ba7df415a0ce7ccc436",
"name" : "https://github.com/star7th/showdoc/commit/7383d7a3c1b0807b6f397ba7df415a0ce7ccc436",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c25bfad1-2611-4226-954f-009e50f966f7",
"name" : "https://huntr.dev/bounties/c25bfad1-2611-4226-954f-009e50f966f7",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c25bfad1-2611-4226-954f-009e50f966f7",
"name" : "https://huntr.dev/bounties/c25bfad1-2611-4226-954f-009e50f966f7",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-19T05:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0410",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0d6b89f5-cf12-4ad4-831b-fed26763ba20",
"name" : "https://wpscan.com/vulnerability/0d6b89f5-cf12-4ad4-831b-fed26763ba20",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d6b89f5-cf12-4ad4-831b-fed26763ba20",
"name" : "https://wpscan.com/vulnerability/0d6b89f5-cf12-4ad4-831b-fed26763ba20",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp_visitor_statistics_project:wp_visitor_statistics:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0411",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2669226/asgaros-forum",
"name" : "https://plugins.trac.wordpress.org/changeset/2669226/asgaros-forum",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2669226/asgaros-forum",
"name" : "https://plugins.trac.wordpress.org/changeset/2669226/asgaros-forum",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/35272197-c973-48ad-8405-538bfbafa172",
"name" : "https://wpscan.com/vulnerability/35272197-c973-48ad-8405-538bfbafa172",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/35272197-c973-48ad-8405-538bfbafa172",
"name" : "https://wpscan.com/vulnerability/35272197-c973-48ad-8405-538bfbafa172",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Asgaros Forum WordPress plugin before 2.0.0 does not sanitise and escape the post_id parameter before using it in a SQL statement via a REST route of the plugin (accessible to any authenticated user), leading to a SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:asgaros:asgaros_forum:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0412",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2668899",
"name" : "https://plugins.trac.wordpress.org/changeset/2668899",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2668899",
"name" : "https://plugins.trac.wordpress.org/changeset/2668899",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e984ba11-abeb-4ed4-9dad-0bfd539a9682",
"name" : "https://wpscan.com/vulnerability/e984ba11-abeb-4ed4-9dad-0bfd539a9682",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e984ba11-abeb-4ed4-9dad-0bfd539a9682",
"name" : "https://wpscan.com/vulnerability/e984ba11-abeb-4ed4-9dad-0bfd539a9682",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:templateinvaders:ti_woocommerce_wishlist:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.40.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:templateinvaders:ti_woocommerce_wishlist:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding" : "1.40.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0413",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a",
"name" : "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a",
"name" : "https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38",
"name" : "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38",
"name" : "https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4253",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-01-30T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0414",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dolibarr/dolibarr/commit/37fb02ee760cfff18c795ba468da1ba1c53f4684",
"name" : "https://github.com/dolibarr/dolibarr/commit/37fb02ee760cfff18c795ba468da1ba1c53f4684",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dolibarr/dolibarr/commit/37fb02ee760cfff18c795ba468da1ba1c53f4684",
"name" : "https://github.com/dolibarr/dolibarr/commit/37fb02ee760cfff18c795ba468da1ba1c53f4684",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/76f3b405-9f5d-44b1-8434-b52b56ee395f",
"name" : "https://huntr.dev/bounties/76f3b405-9f5d-44b1-8434-b52b56ee395f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/76f3b405-9f5d-44b1-8434-b52b56ee395f",
"name" : "https://huntr.dev/bounties/76f3b405-9f5d-44b1-8434-b52b56ee395f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr prior to 16.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-01-31T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0415",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284",
"name" : "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284",
"name" : "https://github.com/gogs/gogs/commit/0fef3c9082269e9a4e817274942a5d7c50617284",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902",
"name" : "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902",
"name" : "https://huntr.dev/bounties/b4928cfe-4110-462f-a180-6d5673797902",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.12.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0417",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a",
"name" : "https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a",
"name" : "https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a",
"name" : "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a",
"name" : "https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html",
"name" : "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html",
"name" : "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4245",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-01T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0418",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/74888a9f-fb75-443d-bb85-0120cbb764a0",
"name" : "https://wpscan.com/vulnerability/74888a9f-fb75-443d-bb85-0120cbb764a0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/74888a9f-fb75-443d-bb85-0120cbb764a0",
"name" : "https://wpscan.com/vulnerability/74888a9f-fb75-443d-bb85-0120cbb764a0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Event List WordPress plugin before 0.8.8 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks against other admin even when the unfiltered_html is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:event_list_project:event_list:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "0.8.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0419",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/05/25/1",
"name" : "[oss-security] 20220525 multiple vulnerabilities in radare2",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/05/25/1",
"name" : "[oss-security] 20220525 multiple vulnerabilities in radare2",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/",
"name" : "https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/",
"name" : "https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6",
"name" : "https://github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6",
"name" : "https://github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa",
"name" : "https://huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa",
"name" : "https://huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/",
"name" : "FEDORA-2022-3fc85cd09c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/",
"name" : "FEDORA-2022-3fc85cd09c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/",
"name" : "FEDORA-2022-ba3248e596",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/",
"name" : "FEDORA-2022-ba3248e596",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-01T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0420",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2672042",
"name" : "https://plugins.trac.wordpress.org/changeset/2672042",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2672042",
"name" : "https://plugins.trac.wordpress.org/changeset/2672042",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/056b5167-3cbc-47d1-9917-52a434796151",
"name" : "https://wpscan.com/vulnerability/056b5167-3cbc-47d1-9917-52a434796151",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/056b5167-3cbc-47d1-9917-52a434796151",
"name" : "https://wpscan.com/vulnerability/056b5167-3cbc-47d1-9917-52a434796151",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The RegistrationMagic WordPress plugin before 5.0.2.2 does not sanitise and escape the rm_form_id parameter before using it in a SQL statement in the Automation admin dashboard, allowing high privilege users to perform SQL injection attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:metagauss:registrationmagic:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.0.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0421",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/145e8d3c-cd6f-4827-86e5-ea2d395a80b9",
"name" : "https://wpscan.com/vulnerability/145e8d3c-cd6f-4827-86e5-ea2d395a80b9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/145e8d3c-cd6f-4827-86e5-ea2d395a80b9",
"name" : "https://wpscan.com/vulnerability/145e8d3c-cd6f-4827-86e5-ea2d395a80b9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Five Star Restaurant Reservations WordPress plugin before 2.4.12 does not have authorisation when changing whether a payment was successful or failed, allowing unauthenticated users to change the payment status of arbitrary bookings. Furthermore, due to the lack of sanitisation and escaping, attackers could perform Cross-Site Scripting attacks against a logged in admin viewing the failed payments"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fivestarplugins:five_star_restaurant_reservations:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-11-21T11:15Z",
"lastModifiedDate" : "2025-04-30T15:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0422",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2672615",
"name" : "https://plugins.trac.wordpress.org/changeset/2672615",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2672615",
"name" : "https://plugins.trac.wordpress.org/changeset/2672615",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/429be4eb-8a6b-4531-9465-9ef0d35c12cc",
"name" : "https://wpscan.com/vulnerability/429be4eb-8a6b-4531-9465-9ef0d35c12cc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/429be4eb-8a6b-4531-9465-9ef0d35c12cc",
"name" : "https://wpscan.com/vulnerability/429be4eb-8a6b-4531-9465-9ef0d35c12cc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The White Label CMS WordPress plugin before 2.2.9 does not sanitise and validate the wlcms[_login_custom_js] parameter before outputting it back in the response while previewing, leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:videousermanuals:white_label_cms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.2.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0423",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7dde0b9d-9b86-4961-b005-a11b6ffba952",
"name" : "https://wpscan.com/vulnerability/7dde0b9d-9b86-4961-b005-a11b6ffba952",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7dde0b9d-9b86-4961-b005-a11b6ffba952",
"name" : "https://wpscan.com/vulnerability/7dde0b9d-9b86-4961-b005-a11b6ffba952",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The 3D FlipBook WordPress plugin before 1.12.1 does not have authorisation and CSRF checks when updating its settings, and does not have any sanitisation/escaping, allowing any authenticated users, such as subscriber to put Cross-Site Scripting payloads in all pages with a 3d flipbook."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:3dflipbook:3d_flipbook:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.12.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0424",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/1e4593fd-51e5-43ca-a244-9aaef3804b9f",
"name" : "https://wpscan.com/vulnerability/1e4593fd-51e5-43ca-a244-9aaef3804b9f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1e4593fd-51e5-43ca-a244-9aaef3804b9f",
"name" : "https://wpscan.com/vulnerability/1e4593fd-51e5-43ca-a244-9aaef3804b9f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:supsystic:popup:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.10.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0425",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0425.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0425.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0425.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0425.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/22350",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/22350",
"refsource" : "",
"tags" : [ "Broken Link", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/22350",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/22350",
"refsource" : "",
"tags" : [ "Broken Link", "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A DNS rebinding vulnerability in the Irker IRC Gateway integration in all versions of GitLab CE/EE since version 7.9 allows an attacker to trigger Server Side Request Forgery (SSRF) attacks."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "7.9.0",
"versionEndIncluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "7.9.0",
"versionEndIncluding" : "14.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "HIGH",
"baseScore" : 7.6,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 4.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0426",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2670405",
"name" : "https://plugins.trac.wordpress.org/changeset/2670405",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2670405",
"name" : "https://plugins.trac.wordpress.org/changeset/2670405",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/de69bcd1-b0b1-4b16-9655-776ee57ad90a",
"name" : "https://wpscan.com/vulnerability/de69bcd1-b0b1-4b16-9655-776ee57ad90a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/de69bcd1-b0b1-4b16-9655-776ee57ad90a",
"name" : "https://wpscan.com/vulnerability/de69bcd1-b0b1-4b16-9655-776ee57ad90a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Product Feed PRO for WooCommerce WordPress plugin before 11.2.3 does not escape the rowCount parameter before outputting it back in an attribute via the woosea_categories_dropdown AJAX action (available to any authenticated user), leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:adtribes:product_feed_pro_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "11.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0427",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0427.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0427.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0427.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0427.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347284",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347284",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347284",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/347284",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1409788",
"name" : "https://hackerone.com/reports/1409788",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1409788",
"name" : "https://hackerone.com/reports/1409788",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.5",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.5",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0428",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/071a2f69-9cd6-42a8-a56c-264a589784ab",
"name" : "https://wpscan.com/vulnerability/071a2f69-9cd6-42a8-a56c-264a589784ab",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/071a2f69-9cd6-42a8-a56c-264a589784ab",
"name" : "https://wpscan.com/vulnerability/071a2f69-9cd6-42a8-a56c-264a589784ab",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Content Egg WordPress plugin before 5.3.0 does not sanitise and escape the page parameter before outputting back in an attribute in the Autoblogging admin dashboard, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:keywordrush:content_egg:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0429",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d1b6f438-f737-4b18-89cf-161238a7421b",
"name" : "https://wpscan.com/vulnerability/d1b6f438-f737-4b18-89cf-161238a7421b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d1b6f438-f737-4b18-89cf-161238a7421b",
"name" : "https://wpscan.com/vulnerability/d1b6f438-f737-4b18-89cf-161238a7421b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Cerber Security, Anti-spam & Malware Scan WordPress plugin before 8.9.6 does not sanitise the $url variable before using it in an attribute in the Activity tab in the plugins dashboard, leading to an unauthenticated stored Cross-Site Scripting vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cerber:wp_cerber_security\\,_anti-spam_\\&_malware_scan:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "8.9.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0430",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b",
"name" : "https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b",
"name" : "https://github.com/httpie/httpie/commit/65ab7d5caaaf2f95e61f9dd65441801c2ddee38b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dafb2e4f-c6b6-4768-8ef5-b396cd6a801f",
"name" : "https://huntr.dev/bounties/dafb2e4f-c6b6-4768-8ef5-b396cd6a801f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dafb2e4f-c6b6-4768-8ef5-b396cd6a801f",
"name" : "https://huntr.dev/bounties/dafb2e4f-c6b6-4768-8ef5-b396cd6a801f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository httpie/httpie prior to 3.1.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:httpie:httpie:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-15T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0431",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2690415",
"name" : "https://plugins.trac.wordpress.org/changeset/2690415",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2690415",
"name" : "https://plugins.trac.wordpress.org/changeset/2690415",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/52bd94df-8816-48fd-8788-38d045eb57ca",
"name" : "https://wpscan.com/vulnerability/52bd94df-8816-48fd-8788-38d045eb57ca",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/52bd94df-8816-48fd-8788-38d045eb57ca",
"name" : "https://wpscan.com/vulnerability/52bd94df-8816-48fd-8788-38d045eb57ca",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Insights from Google PageSpeed WordPress plugin before 4.0.4 does not sanitise and escape various parameters before outputting them back in attributes in the plugin's settings dashboard, leading to Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:insights_from_google_pagespeed_project:insights_from_google_pagespeed:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0432",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-1321"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09",
"name" : "https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09",
"name" : "https://github.com/mastodon/mastodon/commit/4d6d4b43c6186a13e67b92eaf70fe1b70ea24a09",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d06da292-7716-4d74-a129-dd04773398d7",
"name" : "https://huntr.dev/bounties/d06da292-7716-4d74-a129-dd04773398d7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d06da292-7716-4d74-a129-dd04773398d7",
"name" : "https://huntr.dev/bounties/d06da292-7716-4d74-a129-dd04773398d7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Prototype Pollution in GitHub repository mastodon/mastodon prior to 3.5.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-02T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0433",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048259",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048259",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048259",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048259",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=3ccdcee28415c4226de05438b4d89eb5514edf73",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=3ccdcee28415c4226de05438b4d89eb5514edf73",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=3ccdcee28415c4226de05438b4d89eb5514edf73",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=3ccdcee28415c4226de05438b4d89eb5514edf73",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/bpf/1640776802-22421-1-git-send-email-tcs.kernel%40gmail.com/t/",
"name" : "https://lore.kernel.org/bpf/1640776802-22421-1-git-send-email-tcs.kernel%40gmail.com/t/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lore.kernel.org/bpf/1640776802-22421-1-git-send-email-tcs.kernel%40gmail.com/t/",
"name" : "https://lore.kernel.org/bpf/1640776802-22421-1-git-send-email-tcs.kernel%40gmail.com/t/",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A NULL pointer dereference flaw was found in the Linux kernel's BPF subsystem in the way a user triggers the map_get_next_key function of the BPF bloom filter. This flaw allows a local user to crash the system. This flaw affects Linux kernel versions prior to 5.17-rc1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "5.16",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0434",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/be895016-7365-4ce4-a54f-f36d0ef2d6f1",
"name" : "https://wpscan.com/vulnerability/be895016-7365-4ce4-a54f-f36d0ef2d6f1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/be895016-7365-4ce4-a54f-f36d0ef2d6f1",
"name" : "https://wpscan.com/vulnerability/be895016-7365-4ce4-a54f-f36d0ef2d6f1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Page View Count WordPress plugin before 2.4.15 does not sanitise and escape the post_ids parameter before using it in a SQL statement via a REST endpoint, available to both unauthenticated and authenticated users. As a result, unauthenticated attackers could perform SQL injection attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:a3rev:page_view_count:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0435",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048738",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048738",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048738",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048738",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220602-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220602-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220602-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220602-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/02/10/1",
"name" : "https://www.openwall.com/lists/oss-security/2022/02/10/1",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Mitigation", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/02/10/1",
"name" : "https://www.openwall.com/lists/oss-security/2022/02/10/1",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Mitigation", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.8",
"versionEndExcluding" : "4.9.301",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.10",
"versionEndExcluding" : "4.14.266",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.15",
"versionEndExcluding" : "4.19.229",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "5.4.179",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.5",
"versionEndExcluding" : "5.10.100",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.15.23",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.9",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:ovirt:node:4.4.10:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0436",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665",
"name" : "https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665",
"name" : "https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b",
"name" : "https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b",
"name" : "https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00008.html",
"name" : "[debian-lts-announce] 20230406 [SECURITY] [DLA 3386-1] grunt security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00008.html",
"name" : "[debian-lts-announce] 20230406 [SECURITY] [DLA 3386-1] grunt security update",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Path Traversal in GitHub repository gruntjs/grunt prior to 1.5.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gruntjs:grunt:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.5.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-12T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0437",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/karma-runner/karma/commit/839578c45a8ac42fbc1d72105f97eab77dd3eb8a",
"name" : "https://github.com/karma-runner/karma/commit/839578c45a8ac42fbc1d72105f97eab77dd3eb8a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/karma-runner/karma/commit/839578c45a8ac42fbc1d72105f97eab77dd3eb8a",
"name" : "https://github.com/karma-runner/karma/commit/839578c45a8ac42fbc1d72105f97eab77dd3eb8a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/64b67ea1-5487-4382-a5f6-e8a95f798885",
"name" : "https://huntr.dev/bounties/64b67ea1-5487-4382-a5f6-e8a95f798885",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/64b67ea1-5487-4382-a5f6-e8a95f798885",
"name" : "https://huntr.dev/bounties/64b67ea1-5487-4382-a5f6-e8a95f798885",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - DOM in NPM karma prior to 6.3.14."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:karma_project:karma:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "6.3.14",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-05T02:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0439",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/729d3e67-d081-4a4e-ac1e-f6b0a184f095",
"name" : "https://wpscan.com/vulnerability/729d3e67-d081-4a4e-ac1e-f6b0a184f095",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/729d3e67-d081-4a4e-ac1e-f6b0a184f095",
"name" : "https://wpscan.com/vulnerability/729d3e67-d081-4a4e-ac1e-f6b0a184f095",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the `order` and `orderby` parameters to the `ajax_fetch_report_list` action, making it vulnerable to blind SQL injection attacks by users with roles as low as Subscriber. Further, it does not have any CSRF protection in place for the action, allowing an attacker to trick any logged in user to perform the action by clicking a link."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:icegram:email_subscribers_\\&_newsletters:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0440",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/2239095f-8a66-4a5d-ab49-1662a40fddf1",
"name" : "https://wpscan.com/vulnerability/2239095f-8a66-4a5d-ab49-1662a40fddf1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2239095f-8a66-4a5d-ab49-1662a40fddf1",
"name" : "https://wpscan.com/vulnerability/2239095f-8a66-4a5d-ab49-1662a40fddf1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high privivilege admin to upload an arbitrary PHP file and gain RCE even in the case of an hardened blog (ie DISALLOW_UNFILTERED_HTML, DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS constants set to true)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:catchplugins:catch_themes_demo_import:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0441",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2667195",
"name" : "https://plugins.trac.wordpress.org/changeset/2667195",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2667195",
"name" : "https://plugins.trac.wordpress.org/changeset/2667195",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed",
"name" : "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed",
"name" : "https://wpscan.com/vulnerability/173c2efe-ee9c-4539-852f-c242b4f728ed",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The MasterStudy LMS WordPress plugin before 2.7.6 does to validate some parameters given when registering a new account, allowing unauthenticated users to register as an admin"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:stylemixthemes:masterstudy_lms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.7.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0442",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-639"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9cf0822a-c9d6-4ebc-b905-95b143d1a692",
"name" : "https://wpscan.com/vulnerability/9cf0822a-c9d6-4ebc-b905-95b143d1a692",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9cf0822a-c9d6-4ebc-b905-95b143d1a692",
"name" : "https://wpscan.com/vulnerability/9cf0822a-c9d6-4ebc-b905-95b143d1a692",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user avatar, and does not make sure file names for user avatars are unique, allowing a logged in user to overwrite another users avatar."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ayecode:userswp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0443",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461",
"name" : "https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461",
"name" : "https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51",
"name" : "https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51",
"name" : "https://huntr.dev/bounties/b987c8cb-bbbe-4601-8a6c-54ff907c6b51",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UFXFAILMLUIK4MBUEZO4HNBNKYZRJ5AP/",
"name" : "FEDORA-2022-da2fb07efb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4281",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-02T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0444",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9567d295-43c7-4e59-9283-c7726f16d40b",
"name" : "https://wpscan.com/vulnerability/9567d295-43c7-4e59-9283-c7726f16d40b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9567d295-43c7-4e59-9283-c7726f16d40b",
"name" : "https://wpscan.com/vulnerability/9567d295-43c7-4e59-9283-c7726f16d40b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Backup, Restore and Migrate WordPress Sites With the XCloner Plugin WordPress plugin before 4.3.6 does not have authorisation and CSRF checks when resetting its settings, allowing unauthenticated attackers to reset them, including generating a new backup encryption key."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:watchful:xcloner:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.3.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-27T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0445",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d9f28255-0026-4c42-9e67-d17b618c2285",
"name" : "https://wpscan.com/vulnerability/d9f28255-0026-4c42-9e67-d17b618c2285",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d9f28255-0026-4c42-9e67-d17b618c2285",
"name" : "https://wpscan.com/vulnerability/d9f28255-0026-4c42-9e67-d17b618c2285",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie Consent WordPress plugin before 2.14.2 does not have CSRF checks in place when resetting its settings, allowing attackers to make a logged in admin reset them via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:devowl:wordpress_real_cookie_banner:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.14.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0446",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3fc7986e-3b38-4e16-9516-2ae00bc7a581",
"name" : "https://wpscan.com/vulnerability/3fc7986e-3b38-4e16-9516-2ae00bc7a581",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3fc7986e-3b38-4e16-9516-2ae00bc7a581",
"name" : "https://wpscan.com/vulnerability/3fc7986e-3b38-4e16-9516-2ae00bc7a581",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Simple Banner WordPress plugin before 2.12.0 does not properly sanitize its \"Simple Banner Text\" Settings allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:simple_banner_project:simple_banner:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.12.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-08-22T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0447",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/91ca2cc9-951e-4e96-96ff-3bf131209dbe",
"name" : "https://wpscan.com/vulnerability/91ca2cc9-951e-4e96-96ff-3bf131209dbe",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/91ca2cc9-951e-4e96-96ff-3bf131209dbe",
"name" : "https://wpscan.com/vulnerability/91ca2cc9-951e-4e96-96ff-3bf131209dbe",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Post Grid WordPress plugin before 2.1.16 does not sanitise and escape the post_types parameter before outputting it back in the response of the post_grid_update_taxonomies_terms_by_posttypes AJAX action, available to any authenticated users, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pickplugins:post_grid:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.1.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.1,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0448",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d4ff63ee-28e6-486e-9aa7-c878b97f707c",
"name" : "https://wpscan.com/vulnerability/d4ff63ee-28e6-486e-9aa7-c878b97f707c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d4ff63ee-28e6-486e-9aa7-c878b97f707c",
"name" : "https://wpscan.com/vulnerability/d4ff63ee-28e6-486e-9aa7-c878b97f707c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The CP Blocks WordPress plugin before 1.0.15 does not sanitise and escape its \"License ID\" settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dwbooster:cp_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0449",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3cc1bb3c-e124-43d3-bc84-a493561a1387",
"name" : "https://wpscan.com/vulnerability/3cc1bb3c-e124-43d3-bc84-a493561a1387",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3cc1bb3c-e124-43d3-bc84-a493561a1387",
"name" : "https://wpscan.com/vulnerability/3cc1bb3c-e124-43d3-bc84-a493561a1387",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:odude:flexi:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.20",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0450",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"name" : "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"name" : "https://wpscan.com/vulnerability/612f9273-acc8-4be6-b372-33f1e687f54a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Menu Image, Icons made easy WordPress plugin before 3.0.6 does not have authorisation and CSRF checks when saving menu settings, and does not validate, sanitise and escape them. As a result, any authenticate users, such as subscriber can update the settings or arbitrary menu and put Cross-Site Scripting payloads in them which will be triggered in the related menu in the frontend"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:freshlightlab:menu_image\\,_icons_made_easy:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0451",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://dart-review.googlesource.com/c/sdk/+/229947",
"name" : "https://dart-review.googlesource.com/c/sdk/+/229947",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://dart-review.googlesource.com/c/sdk/+/229947",
"name" : "https://dart-review.googlesource.com/c/sdk/+/229947",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc",
"name" : "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc",
"name" : "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.16.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0452",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1284584",
"name" : "https://crbug.com/1284584",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1284584",
"name" : "https://crbug.com/1284584",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Safe Browsing in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0453",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1284916",
"name" : "https://crbug.com/1284916",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1284916",
"name" : "https://crbug.com/1284916",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Reader Mode in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0454",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1287962",
"name" : "https://crbug.com/1287962",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1287962",
"name" : "https://crbug.com/1287962",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in ANGLE in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0455",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-1021"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270593",
"name" : "https://crbug.com/1270593",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270593",
"name" : "https://crbug.com/1270593",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 98.0.4758.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0456",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1289523",
"name" : "https://crbug.com/1289523",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1289523",
"name" : "https://crbug.com/1289523",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Web Search in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via profile destruction."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0457",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-843"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274445",
"name" : "https://crbug.com/1274445",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274445",
"name" : "https://crbug.com/1274445",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Type confusion in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0458",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1267060",
"name" : "https://crbug.com/1267060",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1267060",
"name" : "https://crbug.com/1267060",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Thumbnail Tab Strip in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0459",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1244205",
"name" : "https://crbug.com/1244205",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1244205",
"name" : "https://crbug.com/1244205",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Screen Capture in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who had compromised the renderer process and convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0460",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1250227",
"name" : "https://crbug.com/1250227",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1250227",
"name" : "https://crbug.com/1250227",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Window Dialogue in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0461",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1256823",
"name" : "https://crbug.com/1256823",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1256823",
"name" : "https://crbug.com/1256823",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass iframe sandbox via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0462",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270470",
"name" : "https://crbug.com/1270470",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270470",
"name" : "https://crbug.com/1270470",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Scroll in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0463",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1268240",
"name" : "https://crbug.com/1268240",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1268240",
"name" : "https://crbug.com/1268240",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0464",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270095",
"name" : "https://crbug.com/1270095",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270095",
"name" : "https://crbug.com/1270095",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Accessibility in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0465",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281941",
"name" : "https://crbug.com/1281941",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281941",
"name" : "https://crbug.com/1281941",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Extensions in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via user interaction."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0466",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1115460",
"name" : "https://crbug.com/1115460",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1115460",
"name" : "https://crbug.com/1115460",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Extensions Platform in Google Chrome prior to 98.0.4758.80 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0467",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1239496",
"name" : "https://crbug.com/1239496",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1239496",
"name" : "https://crbug.com/1239496",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Pointer Lock in Google Chrome on Windows prior to 98.0.4758.80 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0468",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1252716",
"name" : "https://crbug.com/1252716",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1252716",
"name" : "https://crbug.com/1252716",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Payments in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0469",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1279531",
"name" : "https://crbug.com/1279531",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1279531",
"name" : "https://crbug.com/1279531",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Cast in Google Chrome prior to 98.0.4758.80 allowed a remote attacker who convinced a user to engage in specific interactions to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0470",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1269225",
"name" : "https://crbug.com/1269225",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1269225",
"name" : "https://crbug.com/1269225",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out of bounds memory access in V8 in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.80",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0471",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2695862",
"name" : "https://plugins.trac.wordpress.org/changeset/2695862",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2695862",
"name" : "https://plugins.trac.wordpress.org/changeset/2695862",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/499bfee4-b481-4276-b6ad-0eead6680f66",
"name" : "https://wpscan.com/vulnerability/499bfee4-b481-4276-b6ad-0eead6680f66",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/499bfee4-b481-4276-b6ad-0eead6680f66",
"name" : "https://wpscan.com/vulnerability/499bfee4-b481-4276-b6ad-0eead6680f66",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Favicon by RealFaviconGenerator WordPress plugin before 1.3.23 does not properly sanitise and escape the json_result_url parameter before outputting it back in the Favicon admin dashboard, leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:realfavicongenerator:favicon_by_realfavicongenerator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.23",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0472",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
}, {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/jsdecena/laracom/commit/256026193ce994dc4c1365e02f414d8a0cd77ae8",
"name" : "https://github.com/jsdecena/laracom/commit/256026193ce994dc4c1365e02f414d8a0cd77ae8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/jsdecena/laracom/commit/256026193ce994dc4c1365e02f414d8a0cd77ae8",
"name" : "https://github.com/jsdecena/laracom/commit/256026193ce994dc4c1365e02f414d8a0cd77ae8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cb5b8563-15cf-408c-9f79-4871ea0a8713",
"name" : "https://huntr.dev/bounties/cb5b8563-15cf-408c-9f79-4871ea0a8713",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cb5b8563-15cf-408c-9f79-4871ea0a8713",
"name" : "https://huntr.dev/bounties/cb5b8563-15cf-408c-9f79-4871ea0a8713",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in Packagist jsdecena/laracom prior to v2.0.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:laracom_project:laracom:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.0.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0473",
"ASSIGNER" : "security@otrs.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-01/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-01/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-01/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-01/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "OTRS administrators can configure dynamic field and inject malicious JavaScript code in the error message of the regular expression check. When used in the agent interface, malicious code might be exectued in the browser. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.31 and prior versions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.0.0",
"versionEndExcluding" : "7.0.32",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-07T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0474",
"ASSIGNER" : "security@otrs.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-02/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-02/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-02/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-02/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Full list of recipients from customer users in a contact field could be disclosed in notification emails event when the notification is set to be sent to each recipient individually. This issue affects: OTRS AG OTRSCustomContactFields 8.0.x version: 8.0.11 and prior versions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:otrs:custom_contact_fields:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.0.0",
"versionEndExcluding" : "8.0.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.5,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 2.1,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-07T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0475",
"ASSIGNER" : "security@otrs.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-05/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-05/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-05/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-05/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Malicious translator is able to inject JavaScript code in few translatable strings (where HTML is allowed). The code could be executed in the Package manager. This issue affects: OTRS AG OTRS 7.0.x version: 7.0.32 and prior versions, 8.0.x version: 8.0.19 and prior versions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.0.0",
"versionEndIncluding" : "7.0.32",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.0.0",
"versionEndIncluding" : "8.0.19",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0476",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-400"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b",
"name" : "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b",
"name" : "https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d",
"name" : "https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d",
"name" : "https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-23T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0477",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0477.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0477.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0477.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0477.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348166",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348166",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348166",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/348166",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 11.9 before 14.5.4, all versions starting from 14.6.0 before 14.6.4, all versions starting from 14.7.0 before 14.7.1. GitLab was not correctly handling bulk requests to delete existing packages from the package registries which could result in a Denial of Service under specific conditions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "14.6.0",
"versionEndExcluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:14.7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "11.9",
"versionEndExcluding" : "14.5.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0478",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2671860",
"name" : "https://plugins.trac.wordpress.org/changeset/2671860",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2671860",
"name" : "https://plugins.trac.wordpress.org/changeset/2671860",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d881d725-d06b-464f-a25e-88f41b1f431f",
"name" : "https://wpscan.com/vulnerability/d881d725-d06b-464f-a25e-88f41b1f431f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d881d725-d06b-464f-a25e-88f41b1f431f",
"name" : "https://wpscan.com/vulnerability/d881d725-d06b-464f-a25e-88f41b1f431f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Event Manager and Tickets Selling for WooCommerce WordPress plugin before 3.5.8 does not validate and escape the post_author_gutenberg parameter before using it in a SQL statement when creating/editing events, which could allow users with a role as low as contributor to perform SQL Injection attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mage-people:event_manager_and_tickets_selling_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.5.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0479",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2686454",
"name" : "https://plugins.trac.wordpress.org/changeset/2686454",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2686454",
"name" : "https://plugins.trac.wordpress.org/changeset/2686454",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d2bbbaf-fbfd-4921-ba4e-684e2e77e816",
"name" : "https://wpscan.com/vulnerability/0d2bbbaf-fbfd-4921-ba4e-684e2e77e816",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d2bbbaf-fbfd-4921-ba4e-684e2e77e816",
"name" : "https://wpscan.com/vulnerability/0d2bbbaf-fbfd-4921-ba4e-684e2e77e816",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Popup Builder WordPress plugin before 4.1.1 does not sanitise and escape the sgpb-subscription-popup-id parameter before using it in a SQL statement in the All Subscribers admin dashboard, leading to a SQL injection, which could also be used to perform Reflected Cross-Site Scripting attack against a logged in admin opening a malicious link"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0480",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-770"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0480",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0480",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0480",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0480",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2049700",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2049700",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2049700",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2049700",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0f12156dff2862ac54235fc72703f18770769042",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://github.com/kata-containers/kata-containers/issues/3373",
"name" : "https://github.com/kata-containers/kata-containers/issues/3373",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/kata-containers/kata-containers/issues/3373",
"name" : "https://github.com/kata-containers/kata-containers/issues/3373",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/",
"name" : "https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/",
"name" : "https://lore.kernel.org/linux-mm/20210902215519.AWcuVc3li%25akpm%40linux-foundation.org/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://ubuntu.com/security/CVE-2022-0480",
"name" : "https://ubuntu.com/security/CVE-2022-0480",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://ubuntu.com/security/CVE-2022-0480",
"name" : "https://ubuntu.com/security/CVE-2022-0480",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the filelock_init in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number of Portable Operating System Interface (POSIX) file locks."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.15",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0481",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e",
"name" : "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e",
"name" : "https://github.com/mruby/mruby/commit/ae3c99767a27f5c6c584162e2adc6a5d0eb2c54e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027",
"name" : "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027",
"name" : "https://huntr.dev/bounties/54725c8c-87f4-41b6-878c-01d8e0ee7027",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.8
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0482",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166701/Easy-Appointments-Information-Disclosure.html",
"name" : "http://packetstormsecurity.com/files/166701/Easy-Appointments-Information-Disclosure.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166701/Easy-Appointments-Information-Disclosure.html",
"name" : "http://packetstormsecurity.com/files/166701/Easy-Appointments-Information-Disclosure.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://github.com/alextselegidis/easyappointments/commit/44af526a6fc5e898bc1e0132b2af9eb3a9b2c466",
"name" : "https://github.com/alextselegidis/easyappointments/commit/44af526a6fc5e898bc1e0132b2af9eb3a9b2c466",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/alextselegidis/easyappointments/commit/44af526a6fc5e898bc1e0132b2af9eb3a9b2c466",
"name" : "https://github.com/alextselegidis/easyappointments/commit/44af526a6fc5e898bc1e0132b2af9eb3a9b2c466",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2fe771ef-b615-45ef-9b4d-625978042e26",
"name" : "https://huntr.dev/bounties/2fe771ef-b615-45ef-9b4d-625978042e26",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2fe771ef-b615-45ef-9b4d-625978042e26",
"name" : "https://huntr.dev/bounties/2fe771ef-b615-45ef-9b4d-625978042e26",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://opencirt.com/hacking/securing-easy-appointments-cve-2022-0482/",
"name" : "https://opencirt.com/hacking/securing-easy-appointments-cve-2022-0482/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://opencirt.com/hacking/securing-easy-appointments-cve-2022-0482/",
"name" : "https://opencirt.com/hacking/securing-easy-appointments-cve-2022-0482/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Exposure of Private Personal Information to an Unauthorized Actor in GitHub repository alextselegidis/easyappointments prior to 1.4.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:easyappointments:easyappointments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.4.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-09T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0483",
"ASSIGNER" : "security@acronis.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-732"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security-advisory.acronis.com/advisories/SEC-3354",
"name" : "https://security-advisory.acronis.com/advisories/SEC-3354",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security-advisory.acronis.com/advisories/SEC-3354",
"name" : "https://security-advisory.acronis.com/advisories/SEC-3354",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis VSS Doctor (Windows) before build 53"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:acronis:vss_doctor:-:build_53:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0484",
"ASSIGNER" : "psirt@mirantis.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/Mirantis/security/blob/main/advisories/0005.md",
"name" : "https://github.com/Mirantis/security/blob/main/advisories/0005.md",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/Mirantis/security/blob/main/advisories/0005.md",
"name" : "https://github.com/Mirantis/security/blob/main/advisories/0005.md",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Lack of validation of URLs causes Mirantis Container Cloud Lens Extension before v3.1.1 to open external programs other than the default browser to perform sign on to a new cluster. An attacker could host a webserver which serves a malicious Mirantis Container Cloud configuration file and induce the victim to add a new cluster via its URL. This issue affects: Mirantis Mirantis Container Cloud Lens Extension v3 versions prior to v3.1.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mirantis:container_cloud_lens_extension:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.0.0",
"versionEndExcluding" : "3.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0485",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-252"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0485",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0485",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0485",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0485",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046194",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046194",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046194",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2046194",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050324",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050324",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050324",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050324",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb",
"name" : "https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb",
"name" : "https://gitlab.com/nbdkit/libnbd/-/commit/8d444b41d09a700c7ee6f9182a649f3f2d325abb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html",
"name" : "https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html",
"name" : "https://listman.redhat.com/archives/libguestfs/2022-February/msg00104.html",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the copying tool `nbdcopy` of libnbd. When performing multi-threaded copies using asynchronous nbd calls, nbdcopy was blindly treating the completion of an asynchronous command as successful, rather than checking the *error parameter. This could result in the silent creation of a corrupted destination image."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:libnbd:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.11.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.2,
"impactScore" : 2.5
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0486",
"ASSIGNER" : "security@fidelissecurity.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-276"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"name" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"name" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fidelissecurity:deception:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fidelissecurity:network:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-17T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0487",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044561",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044561",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044561",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044561",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42933c8aa14be1caa9eda41f65cde8a3a95d3e39",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5095",
"name" : "DSA-5095",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5095",
"name" : "DSA-5095",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5096",
"name" : "DSA-5096",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5096",
"name" : "DSA-5096",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove in drivers/memstick/host/rtsx_usb_ms.c in memstick in the Linux kernel. In this flaw, a local attacker with a user privilege may impact system Confidentiality. This flaw affects kernel versions prior to 5.14 rc1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "5.13.19",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0488",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-400"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0488.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0488.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0488.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0488.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/23520",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/23520",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/23520",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/23520",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting with version 8.10. It was possible to trigger a timeout on a page with markdown by using a specific amount of block-quotes."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "8.10",
"versionEndIncluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "8.10",
"versionEndIncluding" : "14.5.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndIncluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.6",
"versionEndIncluding" : "14.6.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndIncluding" : "14.7.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndIncluding" : "14.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "LOW",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0489",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-400"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0489.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0489.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0489.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0489.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/341832",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/341832",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/341832",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/341832",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1350793",
"name" : "https://hackerone.com/reports/1350793",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1350793",
"name" : "https://hackerone.com/reports/1350793",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a specific formula in issue comments."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "8.15.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "8.15.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7.0",
"versionEndIncluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7.0",
"versionEndIncluding" : "14.7.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.1,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0492",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html",
"name" : "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html",
"name" : "http://packetstormsecurity.com/files/166444/Kernel-Live-Patch-Security-Notice-LSN-0085-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"name" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"name" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html",
"name" : "http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html",
"name" : "http://packetstormsecurity.com/files/176099/Docker-cgroups-Container-Escape.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051505",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051505",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051505",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051505",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220419-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220419-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220419-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220419-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5095",
"name" : "DSA-5095",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5095",
"name" : "DSA-5095",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5096",
"name" : "DSA-5096",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5096",
"name" : "DSA-5096",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.10",
"versionEndExcluding" : "4.14.266",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.15",
"versionEndExcluding" : "4.19.229",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.5",
"versionEndExcluding" : "5.10.97",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.6.24",
"versionEndExcluding" : "4.9.301",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "5.4.177",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.15.20",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.6",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:solidfire\\,_enterprise_sds_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 6.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-03T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0493",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2685592",
"name" : "https://plugins.trac.wordpress.org/changeset/2685592",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2685592",
"name" : "https://plugins.trac.wordpress.org/changeset/2685592",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/21e2e5fc-03d2-4791-beef-07af6bf985ed",
"name" : "https://wpscan.com/vulnerability/21e2e5fc-03d2-4791-beef-07af6bf985ed",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/21e2e5fc-03d2-4791-beef-07af6bf985ed",
"name" : "https://wpscan.com/vulnerability/21e2e5fc-03d2-4791-beef-07af6bf985ed",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The String locator WordPress plugin before 2.5.0 does not properly validate the path of the files to be searched, allowing high privilege users such as admin to query arbitrary files on the web server via a path traversal vector. Furthermore, due to a flaw in the search, allowing a pattern to be provided, which will be used to output the relevant matches from the matching file, all content of the file can be disclosed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:string_locator_project:string_locator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0494",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-908"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039448",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039448",
"refsource" : "",
"tags" : [ "Issue Tracking" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039448",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2039448",
"refsource" : "",
"tags" : [ "Issue Tracking" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
"name" : "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
"name" : "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/",
"name" : "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/",
"name" : "https://lore.kernel.org/all/20220216084038.15635-1-tcs.kernel%40gmail.com/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5161",
"name" : "DSA-5161",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5161",
"name" : "DSA-5161",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0495",
"ASSIGNER" : "cve@usom.gov.tr"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.usom.gov.tr/bildirim/tr-22-0635",
"name" : "https://www.usom.gov.tr/bildirim/tr-22-0635",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.usom.gov.tr/bildirim/tr-22-0635",
"name" : "https://www.usom.gov.tr/bildirim/tr-22-0635",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:parantezteknoloji:koha_library_automation:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "19.05.03.01",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : { },
"publishedDate" : "2022-09-21T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0496",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050695",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050695",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050695",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050695",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41",
"name" : "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41",
"name" : "https://github.com/openscad/openscad/commit/00a4692989c4e2f191525f73f24ad8727bacdf41",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652",
"name" : "https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652",
"name" : "https://github.com/openscad/openscad/commit/770e3234cbfe66edbc0333f796b46d36a74aa652",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/issues/4037",
"name" : "https://github.com/openscad/openscad/issues/4037",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/issues/4037",
"name" : "https://github.com/openscad/openscad/issues/4037",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerbiility was found in Openscad, where a DXF-format drawing with particular (not necessarily malformed!) properties may cause an out-of-bounds memory access when imported using import()."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openscad:openscad:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2022-02-04",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0497",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050699",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050699",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050699",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050699",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/issues/4043",
"name" : "https://github.com/openscad/openscad/issues/4043",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/issues/4043",
"name" : "https://github.com/openscad/openscad/issues/4043",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/pull/4044",
"name" : "https://github.com/openscad/openscad/pull/4044",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openscad/openscad/pull/4044",
"name" : "https://github.com/openscad/openscad/pull/4044",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerbiility was found in Openscad, where a .scad file with no trailing newline could cause an out-of-bounds read during parsing of annotations."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openscad:openscad:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2022-01-09",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0498",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-02-04T23:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0499",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e9ccf1fc-1dbf-4a41-bf4a-90af20b286d6",
"name" : "https://wpscan.com/vulnerability/e9ccf1fc-1dbf-4a41-bf4a-90af20b286d6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e9ccf1fc-1dbf-4a41-bf4a-90af20b286d6",
"name" : "https://wpscan.com/vulnerability/e9ccf1fc-1dbf-4a41-bf4a-90af20b286d6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sermon_browser_project:sermon_browser:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "0.45.22",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0500",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044578",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044578",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044578",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2044578",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=20b2aff4bc15bda809f994761d5719827d66c0b4",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=216e3cd2f28dbbf1fe86848e0e29e6693b9f0a20",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34d3a78c681e8e7844b43d1a2f4671a04249c821",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3c4807322660d4290ac9062c034aed6b87243861",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=48946bd6a5d695c50b34546864b79c1f910a33c1",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c25b2ae136039ffa820c26138ed4a5e5f3ab3841",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cf9f2f8d62eca810afbd1ee6cc0800202b000e57",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220519-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220519-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220519-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220519-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.10",
"versionEndExcluding" : "5.15.37",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0501",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/ptrofimov/beanstalk_console/commit/e351c8260ec1d3718d9e475ee57c7e12c47f19da",
"name" : "https://github.com/ptrofimov/beanstalk_console/commit/e351c8260ec1d3718d9e475ee57c7e12c47f19da",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ptrofimov/beanstalk_console/commit/e351c8260ec1d3718d9e475ee57c7e12c47f19da",
"name" : "https://github.com/ptrofimov/beanstalk_console/commit/e351c8260ec1d3718d9e475ee57c7e12c47f19da",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9af1c35e-3f74-4c93-a241-e8be01335ec7",
"name" : "https://huntr.dev/bounties/9af1c35e-3f74-4c93-a241-e8be01335ec7",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9af1c35e-3f74-4c93-a241-e8be01335ec7",
"name" : "https://huntr.dev/bounties/9af1c35e-3f74-4c93-a241-e8be01335ec7",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in Packagist ptrofimov/beanstalk_console prior to 1.7.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:beanstalk_console_project:beanstalk_console:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.7.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-05T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0502",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/d3b107aaa8ec10816acc762d60e7321079c21706",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/d3b107aaa8ec10816acc762d60e7321079c21706",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/d3b107aaa8ec10816acc762d60e7321079c21706",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/d3b107aaa8ec10816acc762d60e7321079c21706",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/34f2aa30-de7f-432a-8749-b43d2774140f",
"name" : "https://huntr.dev/bounties/34f2aa30-de7f-432a-8749-b43d2774140f",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/34f2aa30-de7f-432a-8749-b43d2774140f",
"name" : "https://huntr.dev/bounties/34f2aa30-de7f-432a-8749-b43d2774140f",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.92",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-06T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0503",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b6d38e23-3761-4447-a794-1e5077fd953a",
"name" : "https://wpscan.com/vulnerability/b6d38e23-3761-4447-a794-1e5077fd953a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b6d38e23-3761-4447-a794-1e5077fd953a",
"name" : "https://wpscan.com/vulnerability/b6d38e23-3761-4447-a794-1e5077fd953a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WordPress Multisite Content Copier/Updater WordPress plugin before 2.1.2 does not sanitise and escape the s parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting issue in the network dashboard"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:obtaininfotech:multisite_content_copier\\/updater:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.1.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0504",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250",
"name" : "https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250",
"name" : "https://github.com/microweber/microweber/commit/e607e5f745cd99d5c06a7fce16b3577fab8e1250",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b",
"name" : "https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b",
"name" : "https://huntr.dev/bounties/285ff8a0-a273-4d62-ba01-3e4b4e18467b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-08T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0505",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/63447b369973724f0d352a006f25af6ff71ae292",
"name" : "https://github.com/microweber/microweber/commit/63447b369973724f0d352a006f25af6ff71ae292",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/63447b369973724f0d352a006f25af6ff71ae292",
"name" : "https://github.com/microweber/microweber/commit/63447b369973724f0d352a006f25af6ff71ae292",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/65b5a243-3f0c-4df3-9bab-898332180968",
"name" : "https://huntr.dev/bounties/65b5a243-3f0c-4df3-9bab-898332180968",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/65b5a243-3f0c-4df3-9bab-898332180968",
"name" : "https://huntr.dev/bounties/65b5a243-3f0c-4df3-9bab-898332180968",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0506",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/05d55f2befb1b25375ca5371875ff535d6cc5f70",
"name" : "https://github.com/microweber/microweber/commit/05d55f2befb1b25375ca5371875ff535d6cc5f70",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/05d55f2befb1b25375ca5371875ff535d6cc5f70",
"name" : "https://github.com/microweber/microweber/commit/05d55f2befb1b25375ca5371875ff535d6cc5f70",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0a5ec24c-343e-4cc4-b27b-2beb19a1c35f",
"name" : "https://huntr.dev/bounties/0a5ec24c-343e-4cc4-b27b-2beb19a1c35f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0a5ec24c-343e-4cc4-b27b-2beb19a1c35f",
"name" : "https://huntr.dev/bounties/0a5ec24c-343e-4cc4-b27b-2beb19a1c35f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0507",
"ASSIGNER" : "security@pandorafms.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://khoori.org/posts/cve-2022-0507/",
"name" : "https://khoori.org/posts/cve-2022-0507/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://khoori.org/posts/cve-2022-0507/",
"name" : "https://khoori.org/posts/cve-2022-0507/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"name" : "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"name" : "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.incibe.es/en/cve-assignment-publication/coordinated-cves",
"name" : "https://www.incibe.es/en/cve-assignment-publication/coordinated-cves",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.incibe.es/en/cve-assignment-publication/coordinated-cves",
"name" : "https://www.incibe.es/en/cve-assignment-publication/coordinated-cves",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Found a potential security vulnerability inside the Pandora API. Affected Pandora FMS version range: all versions of NG version, up to OUM 759. This vulnerability could allow an attacker with authenticated IP to inject SQL."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "760",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0508",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/f33e515991a32885622b217bf2ed1d1b0d9d6832",
"name" : "https://github.com/chocobozzz/peertube/commit/f33e515991a32885622b217bf2ed1d1b0d9d6832",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/f33e515991a32885622b217bf2ed1d1b0d9d6832",
"name" : "https://github.com/chocobozzz/peertube/commit/f33e515991a32885622b217bf2ed1d1b0d9d6832",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c3724574-b6c9-430b-849b-40dd2b20f23c",
"name" : "https://huntr.dev/bounties/c3724574-b6c9-430b-849b-40dd2b20f23c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c3724574-b6c9-430b-849b-40dd2b20f23c",
"name" : "https://huntr.dev/bounties/c3724574-b6c9-430b-849b-40dd2b20f23c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository chocobozzz/peertube prior to f33e515991a32885622b217bf2ed1d1b0d9d6832"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2021-12-13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-08T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0509",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6ccb5c12fc1be065ebce9c89c4677ee939b88597",
"name" : "https://github.com/pimcore/pimcore/commit/6ccb5c12fc1be065ebce9c89c4677ee939b88597",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6ccb5c12fc1be065ebce9c89c4677ee939b88597",
"name" : "https://github.com/pimcore/pimcore/commit/6ccb5c12fc1be065ebce9c89c4677ee939b88597",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/26cdf86c-8edc-4af6-8411-d569699ecd1b",
"name" : "https://huntr.dev/bounties/26cdf86c-8edc-4af6-8411-d569699ecd1b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/26cdf86c-8edc-4af6-8411-d569699ecd1b",
"name" : "https://huntr.dev/bounties/26cdf86c-8edc-4af6-8411-d569699ecd1b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist pimcore/pimcore prior to 10.3.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0510",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/b5a9ad65e5a4dde1916f02019f8686ad835681ce",
"name" : "https://github.com/pimcore/pimcore/commit/b5a9ad65e5a4dde1916f02019f8686ad835681ce",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/b5a9ad65e5a4dde1916f02019f8686ad835681ce",
"name" : "https://github.com/pimcore/pimcore/commit/b5a9ad65e5a4dde1916f02019f8686ad835681ce",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bb3525d5-dedc-48b8-ab04-ad4c72499abe",
"name" : "https://huntr.dev/bounties/bb3525d5-dedc-48b8-ab04-ad4c72499abe",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bb3525d5-dedc-48b8-ab04-ad4c72499abe",
"name" : "https://huntr.dev/bounties/bb3525d5-dedc-48b8-ab04-ad4c72499abe",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in Packagist pimcore/pimcore prior to 10.3.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0511",
"ASSIGNER" : "security@mozilla.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713579%2C1735448%2C1743821%2C1746313%2C1746314%2C1746316%2C1746321%2C1746322%2C1746323%2C1746412%2C1746430%2C1746451%2C1746488%2C1746875%2C1746898%2C1746905%2C1746907%2C1746917%2C1747128%2C1747137%2C1747331%2C1747346%2C1747439%2C1747457%2C1747870%2C1749051%2C1749274%2C1749831",
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713579%2C1735448%2C1743821%2C1746313%2C1746314%2C1746316%2C1746321%2C1746322%2C1746323%2C1746412%2C1746430%2C1746451%2C1746488%2C1746875%2C1746898%2C1746905%2C1746907%2C1746917%2C1747128%2C1747137%2C1747331%2C1747346%2C1747439%2C1747457%2C1747870%2C1749051%2C1749274%2C1749831",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713579%2C1735448%2C1743821%2C1746313%2C1746314%2C1746316%2C1746321%2C1746322%2C1746323%2C1746412%2C1746430%2C1746451%2C1746488%2C1746875%2C1746898%2C1746905%2C1746907%2C1746917%2C1747128%2C1747137%2C1747331%2C1747346%2C1747439%2C1747457%2C1747870%2C1749051%2C1749274%2C1749831",
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1713579%2C1735448%2C1743821%2C1746313%2C1746314%2C1746316%2C1746321%2C1746322%2C1746323%2C1746412%2C1746430%2C1746451%2C1746488%2C1746875%2C1746898%2C1746905%2C1746907%2C1746917%2C1747128%2C1747137%2C1747331%2C1747346%2C1747439%2C1747457%2C1747870%2C1749051%2C1749274%2C1749831",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-04/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-04/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-04/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-04/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Mozilla developers and community members Gabriele Svelto, Sebastian Hengst, Randell Jesup, Luan Herrera, Lars T Hansen, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 96. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 97."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-12-22T20:15Z",
"lastModifiedDate" : "2025-04-16T15:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0512",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/unshiftio/url-parse/commit/9be7ee88afd2bb04e4d5a1a8da9a389ac13f8c40",
"name" : "https://github.com/unshiftio/url-parse/commit/9be7ee88afd2bb04e4d5a1a8da9a389ac13f8c40",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/unshiftio/url-parse/commit/9be7ee88afd2bb04e4d5a1a8da9a389ac13f8c40",
"name" : "https://github.com/unshiftio/url-parse/commit/9be7ee88afd2bb04e4d5a1a8da9a389ac13f8c40",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6d1bc51f-1876-4f5b-a2c2-734e09e8e05b",
"name" : "https://huntr.dev/bounties/6d1bc51f-1876-4f5b-a2c2-734e09e8e05b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6d1bc51f-1876-4f5b-a2c2-734e09e8e05b",
"name" : "https://huntr.dev/bounties/6d1bc51f-1876-4f5b-a2c2-734e09e8e05b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:url-parse_project:url-parse:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.5.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0513",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2671297/wp-statistics/trunk/includes/class-wp-statistics-hits.php",
"name" : "https://plugins.trac.wordpress.org/changeset/2671297/wp-statistics/trunk/includes/class-wp-statistics-hits.php",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2671297/wp-statistics/trunk/includes/class-wp-statistics-hits.php",
"name" : "https://plugins.trac.wordpress.org/changeset/2671297/wp-statistics/trunk/includes/class-wp-statistics-hits.php",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/unauthenticated-sql-injection-vulnerability-patched-in-wordpress-statistics-plugin/",
"name" : "https://www.wordfence.com/blog/2022/02/unauthenticated-sql-injection-vulnerability-patched-in-wordpress-statistics-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/unauthenticated-sql-injection-vulnerability-patched-in-wordpress-statistics-plugin/",
"name" : "https://www.wordfence.com/blog/2022/02/unauthenticated-sql-injection-vulnerability-patched-in-wordpress-statistics-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the exclusion_reason parameter found in the ~/includes/class-wp-statistics-exclusion.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.4. This requires the \"Record Exclusions\" option to be enabled on the vulnerable site."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "13.1.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-16T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0514",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/fadef0ea07d2f7fb3f41c2cae444ebca2f479679",
"name" : "https://github.com/crater-invoice/crater/commit/fadef0ea07d2f7fb3f41c2cae444ebca2f479679",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/fadef0ea07d2f7fb3f41c2cae444ebca2f479679",
"name" : "https://github.com/crater-invoice/crater/commit/fadef0ea07d2f7fb3f41c2cae444ebca2f479679",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/af08000d-9f4a-4743-865d-5d5cdaf7fb27",
"name" : "https://huntr.dev/bounties/af08000d-9f4a-4743-865d-5d5cdaf7fb27",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/af08000d-9f4a-4743-865d-5d5cdaf7fb27",
"name" : "https://huntr.dev/bounties/af08000d-9f4a-4743-865d-5d5cdaf7fb27",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0515",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/2b7028b7c83fd6e8897f244a2e6723baa20479e5",
"name" : "https://github.com/crater-invoice/crater/commit/2b7028b7c83fd6e8897f244a2e6723baa20479e5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/2b7028b7c83fd6e8897f244a2e6723baa20479e5",
"name" : "https://github.com/crater-invoice/crater/commit/2b7028b7c83fd6e8897f244a2e6723baa20479e5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/efb93f1f-1896-4a4c-a059-9ecadac1c4de",
"name" : "https://huntr.dev/bounties/efb93f1f-1896-4a4c-a059-9ecadac1c4de",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/efb93f1f-1896-4a4c-a059-9ecadac1c4de",
"name" : "https://huntr.dev/bounties/efb93f1f-1896-4a4c-a059-9ecadac1c4de",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0516",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050237",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050237",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050237",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2050237",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=09a93c1df3eafa43bcdfd7bf837c574911f12f55",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220331-0009/",
"name" : "https://security.netapp.com/advisory/ntap-20220331-0009/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220331-0009/",
"name" : "https://security.netapp.com/advisory/ntap-20220331-0009/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5092",
"name" : "DSA-5092",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5092",
"name" : "DSA-5092",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw allows a local attacker with a normal user privilege to obtain unauthorized memory write access. This flaw affects Linux kernel versions prior to 5.17-rc4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0517",
"ASSIGNER" : "security@mozilla.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1752291",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1752291",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1752291",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1752291",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-08/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-08/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-08/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-08/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:vpn:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-12-22T20:15Z",
"lastModifiedDate" : "2025-04-16T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0518",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/9650e3c352f675687bf6c6f65ff2c4a3d0e288fa",
"name" : "https://github.com/radareorg/radare2/commit/9650e3c352f675687bf6c6f65ff2c4a3d0e288fa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/9650e3c352f675687bf6c6f65ff2c4a3d0e288fa",
"name" : "https://github.com/radareorg/radare2/commit/9650e3c352f675687bf6c6f65ff2c4a3d0e288fa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/10051adf-7ddc-4042-8fd0-8e9e0c5b1184",
"name" : "https://huntr.dev/bounties/10051adf-7ddc-4042-8fd0-8e9e0c5b1184",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/10051adf-7ddc-4042-8fd0-8e9e0c5b1184",
"name" : "https://huntr.dev/bounties/10051adf-7ddc-4042-8fd0-8e9e0c5b1184",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0519",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-119"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"name" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"name" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/af85b9e1-d1cf-4c0e-ba12-525b82b7c1e3",
"name" : "https://huntr.dev/bounties/af85b9e1-d1cf-4c0e-ba12-525b82b7c1e3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/af85b9e1-d1cf-4c0e-ba12-525b82b7c1e3",
"name" : "https://huntr.dev/bounties/af85b9e1-d1cf-4c0e-ba12-525b82b7c1e3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0520",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/8525ad0b9fd596f4b251bb3d7b114e6dc7ce1ee8",
"name" : "https://github.com/radareorg/radare2/commit/8525ad0b9fd596f4b251bb3d7b114e6dc7ce1ee8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/8525ad0b9fd596f4b251bb3d7b114e6dc7ce1ee8",
"name" : "https://github.com/radareorg/radare2/commit/8525ad0b9fd596f4b251bb3d7b114e6dc7ce1ee8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ce13c371-e5ef-4993-97f3-3d33dcd943a6",
"name" : "https://huntr.dev/bounties/ce13c371-e5ef-4993-97f3-3d33dcd943a6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ce13c371-e5ef-4993-97f3-3d33dcd943a6",
"name" : "https://huntr.dev/bounties/ce13c371-e5ef-4993-97f3-3d33dcd943a6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in NPM radare2.js prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0521",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-119"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"name" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"name" : "https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca",
"name" : "https://huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca",
"name" : "https://huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0522",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-119"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/d17a7bdf166108a29a27cd89bf454f9fa6c050d6",
"name" : "https://github.com/radareorg/radare2/commit/d17a7bdf166108a29a27cd89bf454f9fa6c050d6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/d17a7bdf166108a29a27cd89bf454f9fa6c050d6",
"name" : "https://github.com/radareorg/radare2/commit/d17a7bdf166108a29a27cd89bf454f9fa6c050d6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2d45e589-d614-4875-bba1-be0f729e7ca9",
"name" : "https://huntr.dev/bounties/2d45e589-d614-4875-bba1-be0f729e7ca9",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2d45e589-d614-4875-bba1-be0f729e7ca9",
"name" : "https://huntr.dev/bounties/2d45e589-d614-4875-bba1-be0f729e7ca9",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0523",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/35482cb760db10f87a62569e2f8872dbd95e9269",
"name" : "https://github.com/radareorg/radare2/commit/35482cb760db10f87a62569e2f8872dbd95e9269",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/35482cb760db10f87a62569e2f8872dbd95e9269",
"name" : "https://github.com/radareorg/radare2/commit/35482cb760db10f87a62569e2f8872dbd95e9269",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9d8d6ae0-fe00-40b9-ae1e-b0e8103bac69",
"name" : "https://huntr.dev/bounties/9d8d6ae0-fe00-40b9-ae1e-b0e8103bac69",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9d8d6ae0-fe00-40b9-ae1e-b0e8103bac69",
"name" : "https://huntr.dev/bounties/9d8d6ae0-fe00-40b9-ae1e-b0e8103bac69",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-08T21:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0524",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-840"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5",
"name" : "https://github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5",
"name" : "https://github.com/publify/publify/commit/16fceecadbe80ab0ef846b62a12dc7bfff10b8c5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bfffae58-b3cd-4e0e-b1f2-3db387a22c3d",
"name" : "https://huntr.dev/bounties/bfffae58-b3cd-4e0e-b1f2-3db387a22c3d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bfffae58-b3cd-4e0e-b1f2-3db387a22c3d",
"name" : "https://huntr.dev/bounties/bfffae58-b3cd-4e0e-b1f2-3db387a22c3d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Business Logic Errors in GitHub repository publify/publify prior to 9.2.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:publify_project:publify:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-08T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0525",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7",
"name" : "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7",
"name" : "https://github.com/mruby/mruby/commit/0849a2885f81cfd82134992c06df3ccd59052ac7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9",
"name" : "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9",
"name" : "https://huntr.dev/bounties/e19e109f-acf0-4048-8ee8-1b10a870f1e9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-09T04:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0526",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chatwoot/chatwoot/commit/9f37a6e2ba7a7212bb419e318b8061f472e82d9f",
"name" : "https://github.com/chatwoot/chatwoot/commit/9f37a6e2ba7a7212bb419e318b8061f472e82d9f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chatwoot/chatwoot/commit/9f37a6e2ba7a7212bb419e318b8061f472e82d9f",
"name" : "https://github.com/chatwoot/chatwoot/commit/9f37a6e2ba7a7212bb419e318b8061f472e82d9f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d8f5ce74-2a00-4813-b220-70af771b0edd",
"name" : "https://huntr.dev/bounties/d8f5ce74-2a00-4813-b220-70af771b0edd",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d8f5ce74-2a00-4813-b220-70af771b0edd",
"name" : "https://huntr.dev/bounties/d8f5ce74-2a00-4813-b220-70af771b0edd",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chatwoot:chatwoot:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-09T05:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0527",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chatwoot/chatwoot/commit/a737f89c473e64f9abdf8ff13a3e64edefa28877",
"name" : "https://github.com/chatwoot/chatwoot/commit/a737f89c473e64f9abdf8ff13a3e64edefa28877",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chatwoot/chatwoot/commit/a737f89c473e64f9abdf8ff13a3e64edefa28877",
"name" : "https://github.com/chatwoot/chatwoot/commit/a737f89c473e64f9abdf8ff13a3e64edefa28877",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a2f598f6-c142-449a-96f8-b4b2f7a9e228",
"name" : "https://huntr.dev/bounties/a2f598f6-c142-449a-96f8-b4b2f7a9e228",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a2f598f6-c142-449a-96f8-b4b2f7a9e228",
"name" : "https://huntr.dev/bounties/a2f598f6-c142-449a-96f8-b4b2f7a9e228",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chatwoot:chatwoot:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-09T05:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0528",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/transloadit/uppy/commit/267c34045a1e62c98406d8c31261c604a11e544a",
"name" : "https://github.com/transloadit/uppy/commit/267c34045a1e62c98406d8c31261c604a11e544a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/transloadit/uppy/commit/267c34045a1e62c98406d8c31261c604a11e544a",
"name" : "https://github.com/transloadit/uppy/commit/267c34045a1e62c98406d8c31261c604a11e544a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8b060cc3-2420-468e-8293-b9216620175b",
"name" : "https://huntr.dev/bounties/8b060cc3-2420-468e-8293-b9216620175b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8b060cc3-2420-468e-8293-b9216620175b",
"name" : "https://huntr.dev/bounties/8b060cc3-2420-468e-8293-b9216620175b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository transloadit/uppy prior to 3.3.1.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:transloadit:uppy:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "3.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-03T07:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0529",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/unzip_poc",
"name" : "https://github.com/ByteHackr/unzip_poc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/unzip_poc",
"name" : "https://github.com/ByteHackr/unzip_poc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html",
"name" : "[debian-lts-announce] 20220922 [SECURITY] [DLA 3118-1] unzip security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html",
"name" : "[debian-lts-announce] 20220922 [SECURITY] [DLA 3118-1] unzip security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202310-17",
"name" : "https://security.gentoo.org/glsa/202310-17",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202310-17",
"name" : "https://security.gentoo.org/glsa/202310-17",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5202",
"name" : "DSA-5202",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5202",
"name" : "DSA-5202",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-09T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0530",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/May/33",
"name" : "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/33",
"name" : "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/35",
"name" : "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/35",
"name" : "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/38",
"name" : "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/38",
"name" : "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051395",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/unzip_poc",
"name" : "https://github.com/ByteHackr/unzip_poc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/unzip_poc",
"name" : "https://github.com/ByteHackr/unzip_poc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html",
"name" : "[debian-lts-announce] 20220922 [SECURITY] [DLA 3118-1] unzip security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html",
"name" : "[debian-lts-announce] 20220922 [SECURITY] [DLA 3118-1] unzip security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202310-17",
"name" : "https://security.gentoo.org/glsa/202310-17",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202310-17",
"name" : "https://security.gentoo.org/glsa/202310-17",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213255",
"name" : "https://support.apple.com/kb/HT213255",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213255",
"name" : "https://support.apple.com/kb/HT213255",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213256",
"name" : "https://support.apple.com/kb/HT213256",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213256",
"name" : "https://support.apple.com/kb/HT213256",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213257",
"name" : "https://support.apple.com/kb/HT213257",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213257",
"name" : "https://support.apple.com/kb/HT213257",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5202",
"name" : "DSA-5202",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5202",
"name" : "DSA-5202",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:unzip_project:unzip:6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.15",
"versionEndExcluding" : "10.15.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "11.0",
"versionEndExcluding" : "11.6.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "12.0.0",
"versionEndExcluding" : "12.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-09T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0531",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/ac5c2a5d-09b6-470b-a598-2972183413ca",
"name" : "https://wpscan.com/vulnerability/ac5c2a5d-09b6-470b-a598-2972183413ca",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ac5c2a5d-09b6-470b-a598-2972183413ca",
"name" : "https://wpscan.com/vulnerability/ac5c2a5d-09b6-470b-a598-2972183413ca",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Migration, Backup, Staging WordPress plugin before 0.9.70 does not sanitise and escape the sub_page parameter before outputting it back in the page, leading to a reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpvivid:migration\\,_backup\\,_staging:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "0.9.70",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0532",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-732"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051730",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051730",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051730",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2051730",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/#enabling-unsafe-sysctls",
"name" : "https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/#enabling-unsafe-sysctls",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/#enabling-unsafe-sysctls",
"name" : "https://kubernetes.io/docs/tasks/administer-cluster/sysctl-cluster/#enabling-unsafe-sysctls",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of \"safe\" sysctls specified for the cluster will be applied to the host if an attacker is able to create a pod with a hostIPC and hostNetwork kernel namespace."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.18",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "LOW",
"baseScore" : 4.2,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.6,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 6.8,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-09T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0533",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2675223/ditty-news-ticker",
"name" : "https://plugins.trac.wordpress.org/changeset/2675223/ditty-news-ticker",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2675223/ditty-news-ticker",
"name" : "https://plugins.trac.wordpress.org/changeset/2675223/ditty-news-ticker",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/40f36692-c898-4441-ad24-2dc17856bd74",
"name" : "https://wpscan.com/vulnerability/40f36692-c898-4441-ad24-2dc17856bd74",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/40f36692-c898-4441-ad24-2dc17856bd74",
"name" : "https://wpscan.com/vulnerability/40f36692-c898-4441-ad24-2dc17856bd74",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ditty (formerly Ditty News Ticker) WordPress plugin before 3.0.15 is affected by a Reflected Cross-Site Scripting (XSS) vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:metaphorcreations:ditty:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0534",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9",
"name" : "https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9",
"name" : "https://github.com/michaelrsweet/htmldoc/commit/312f0f9c12f26fbe015cd0e6cefa40e4b99017d9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/michaelrsweet/htmldoc/issues/463",
"name" : "https://github.com/michaelrsweet/htmldoc/issues/463",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/michaelrsweet/htmldoc/issues/463",
"name" : "https://github.com/michaelrsweet/htmldoc/issues/463",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/02/msg00022.html",
"name" : "[debian-lts-announce] 20220226 [SECURITY] [DLA 2928-1] htmldoc security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/02/msg00022.html",
"name" : "[debian-lts-announce] 20220226 [SECURITY] [DLA 2928-1] htmldoc security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in htmldoc version 1.9.15 where the stack out-of-bounds read takes place in gif_get_code() and occurs when opening a malicious GIF file, which can result in a crash (segmentation fault)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:htmldoc_project:htmldoc:1.9.15:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-09T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0535",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2675049/e2pdf",
"name" : "https://plugins.trac.wordpress.org/changeset/2675049/e2pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2675049/e2pdf",
"name" : "https://plugins.trac.wordpress.org/changeset/2675049/e2pdf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a4162e96-a3c5-4f38-a60b-aa3ed9508985",
"name" : "https://wpscan.com/vulnerability/a4162e96-a3c5-4f38-a60b-aa3ed9508985",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a4162e96-a3c5-4f38-a60b-aa3ed9508985",
"name" : "https://wpscan.com/vulnerability/a4162e96-a3c5-4f38-a60b-aa3ed9508985",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:e2pdf:e2pdf:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.16.45",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-07T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0536",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445",
"name" : "https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445",
"name" : "https://github.com/follow-redirects/follow-redirects/commit/62e546a99c07c3ee5e4e0718c84a6ca127c5c445",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db",
"name" : "https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db",
"name" : "https://huntr.dev/bounties/7cf2bf90-52da-4d59-8028-a73b132de0db",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Removal of Sensitive Information Before Storage or Transfer in NPM follow-redirects prior to 1.14.8.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:follow-redirects_project:follow-redirects:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.14.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-09T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0537",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367",
"name" : "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367",
"name" : "https://wpscan.com/vulnerability/abfbba70-5158-4990-98e5-f302361db367",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the \"ajax_save\" function. The file is written relative to the current 's stylesheet directory, and a .php file extension is added. No validation is performed on the content of the file, triggering an RCE vulnerability by uploading a web shell. Further the name parameter is not sanitized, allowing the payload to be uploaded to any directory to which the server has write access."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.73.13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0538",
"ASSIGNER" : "jenkinsci-cert@googlegroups.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-502"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/02/09/1",
"name" : "[oss-security] 20220209 Vulnerability in Jenkins",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/02/09/1",
"name" : "[oss-security] 20220209 Vulnerability in Jenkins",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.jenkins.io/security/advisory/2022-02-09/#SECURITY-2602",
"name" : "https://www.jenkins.io/security/advisory/2022-02-09/#SECURITY-2602",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.jenkins.io/security/advisory/2022-02-09/#SECURITY-2602",
"name" : "https://www.jenkins.io/security/advisory/2022-02-09/#SECURITY-2602",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Jenkins 2.333 and earlier, LTS 2.319.2 and earlier defines custom XStream converters that have not been updated to apply the protections for the vulnerability CVE-2021-43859 and allow unconstrained resource usage."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
"versionEndExcluding" : "2.319.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
"versionEndExcluding" : "2.334",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-09T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0539",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/ptrofimov/beanstalk_console/commit/5aea5f912f6e6d19dedb1fdfc25a29a2e1fc1694",
"name" : "https://github.com/ptrofimov/beanstalk_console/commit/5aea5f912f6e6d19dedb1fdfc25a29a2e1fc1694",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ptrofimov/beanstalk_console/commit/5aea5f912f6e6d19dedb1fdfc25a29a2e1fc1694",
"name" : "https://github.com/ptrofimov/beanstalk_console/commit/5aea5f912f6e6d19dedb1fdfc25a29a2e1fc1694",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5f41b182-dda2-4c6f-9668-2a9afaed53af",
"name" : "https://huntr.dev/bounties/5f41b182-dda2-4c6f-9668-2a9afaed53af",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5f41b182-dda2-4c6f-9668-2a9afaed53af",
"name" : "https://huntr.dev/bounties/5f41b182-dda2-4c6f-9668-2a9afaed53af",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist ptrofimov/beanstalk_console prior to 1.7.14."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:beanstalk_console_project:beanstalk_console:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.7.14",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-09T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0540",
"ASSIGNER" : "security@atlassian.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20",
"name" : "https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20",
"name" : "https://confluence.atlassian.com/display/JIRA/Jira+Security+Advisory+2022-04-20",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://jira.atlassian.com/browse/JRASERVER-73650",
"name" : "https://jira.atlassian.com/browse/JRASERVER-73650",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://jira.atlassian.com/browse/JRASERVER-73650",
"name" : "https://jira.atlassian.com/browse/JRASERVER-73650",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://jira.atlassian.com/browse/JSDSERVER-11224",
"name" : "https://jira.atlassian.com/browse/JSDSERVER-11224",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://jira.atlassian.com/browse/JSDSERVER-11224",
"name" : "https://jira.atlassian.com/browse/JSDSERVER-11224",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atlassian Jira Server and Data Center versions before 8.13.18, versions 8.14.0 and later before 8.20.6, and versions 8.21.0 and later before 8.22.0. This also affects Atlassian Jira Service Management Server and Data Center versions before 4.13.18, versions 4.14.0 and later before 4.20.6, and versions 4.21.0 and later before 4.22.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
"versionEndExcluding" : "4.13.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
"versionEndExcluding" : "4.13.18",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.13.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.21.0",
"versionEndExcluding" : "8.22.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.21.0",
"versionEndExcluding" : "8.22.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
"versionStartIncluding" : "4.14.0",
"versionEndExcluding" : "4.20.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
"versionStartIncluding" : "4.14.0",
"versionEndExcluding" : "4.20.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.14.0",
"versionEndExcluding" : "8.20.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.14.0",
"versionEndExcluding" : "8.20.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:server:*:*:*",
"versionStartIncluding" : "4.21.0",
"versionEndExcluding" : "4.22.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_service_management:*:*:*:*:data_center:*:*:*",
"versionStartIncluding" : "4.21.0",
"versionEndExcluding" : "4.22.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.13.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-20T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0541",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/822cac2c-decd-4aa4-9e8e-1ba2d0c080ce",
"name" : "https://wpscan.com/vulnerability/822cac2c-decd-4aa4-9e8e-1ba2d0c080ce",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/822cac2c-decd-4aa4-9e8e-1ba2d0c080ce",
"name" : "https://wpscan.com/vulnerability/822cac2c-decd-4aa4-9e8e-1ba2d0c080ce",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix cookie to an arbitrary value."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:flothemes:flo-launch:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0542",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chatwoot/chatwoot/commit/dd1fe4f93a6fbafa1d1eed87ac7d4143e701ec08",
"name" : "https://github.com/chatwoot/chatwoot/commit/dd1fe4f93a6fbafa1d1eed87ac7d4143e701ec08",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chatwoot/chatwoot/commit/dd1fe4f93a6fbafa1d1eed87ac7d4143e701ec08",
"name" : "https://github.com/chatwoot/chatwoot/commit/dd1fe4f93a6fbafa1d1eed87ac7d4143e701ec08",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e6469ba6-03a2-4b17-8b4e-8932ecd0f7ac",
"name" : "https://huntr.dev/bounties/e6469ba6-03a2-4b17-8b4e-8932ecd0f7ac",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e6469ba6-03a2-4b17-8b4e-8932ecd0f7ac",
"name" : "https://huntr.dev/bounties/e6469ba6-03a2-4b17-8b4e-8932ecd0f7ac",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - DOM in GitHub repository chatwoot/chatwoot prior to 2.7.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chatwoot:chatwoot:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.7.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-08-19T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0543",
"ASSIGNER" : "security@debian.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
"name" : "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
"name" : "http://packetstormsecurity.com/files/166885/Redis-Lua-Sandbox-Escape.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://bugs.debian.org/1005787",
"name" : "https://bugs.debian.org/1005787",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugs.debian.org/1005787",
"name" : "https://bugs.debian.org/1005787",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-security-announce/2022/msg00048.html",
"name" : "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-security-announce/2022/msg00048.html",
"name" : "[debian-security-announce] 20220218 [SECURITY] [DSA 5081-1] redis security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220331-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20220331-0004/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220331-0004/",
"name" : "https://security.netapp.com/advisory/ntap-20220331-0004/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5081",
"name" : "DSA-5081",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5081",
"name" : "DSA-5081",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
"name" : "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
"name" : "https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redis:redis:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:-:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 10.0,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T20:15Z",
"lastModifiedDate" : "2025-04-02T20:22Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0544",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-191"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://developer.blender.org/T94661",
"name" : "https://developer.blender.org/T94661",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://developer.blender.org/T94661",
"name" : "https://developer.blender.org/T94661",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html",
"name" : "[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html",
"name" : "[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5176",
"name" : "DSA-5176",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5176",
"name" : "DSA-5176",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, possibly allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.0",
"versionEndExcluding" : "3.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.90.0",
"versionEndExcluding" : "2.93.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.83.19",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "HIGH",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.6
},
"severity" : "LOW",
"exploitabilityScore" : 4.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0545",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://developer.blender.org/T94629",
"name" : "https://developer.blender.org/T94629",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://developer.blender.org/T94629",
"name" : "https://developer.blender.org/T94629",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html",
"name" : "[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html",
"name" : "[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5176",
"name" : "DSA-5176",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5176",
"name" : "DSA-5176",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An integer overflow in the processing of loaded 2D images leads to a write-what-where vulnerability and an out-of-bounds read vulnerability, allowing an attacker to leak sensitive information or achieve code execution in the context of the Blender process when a specially crafted image file is loaded. This flaw affects Blender versions prior to 2.83.19, 2.93.8 and 3.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.90.0",
"versionEndExcluding" : "2.93.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.83.19",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.0.0",
"versionEndExcluding" : "3.1.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "HIGH",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.1
},
"severity" : "MEDIUM",
"exploitabilityScore" : 4.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0546",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://developer.blender.org/T94572",
"name" : "https://developer.blender.org/T94572",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://developer.blender.org/T94572",
"name" : "https://developer.blender.org/T94572",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html",
"name" : "[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00021.html",
"name" : "[debian-lts-announce] 20220628 [SECURITY] [DLA 3060-1] blender security update",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GIZADV3AHTWZ2YKEFTVLNK3K4F4KTYLM/",
"name" : "FEDORA-2022-d9d630891d",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GIZADV3AHTWZ2YKEFTVLNK3K4F4KTYLM/",
"name" : "FEDORA-2022-d9d630891d",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5176",
"name" : "DSA-5176",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5176",
"name" : "DSA-5176",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A missing bounds check in the image loader used in Blender 3.x and 2.93.8 leads to out-of-bounds heap access, allowing an attacker to cause denial of service, memory corruption or potentially code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:2.93.8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:blender:blender:3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "HIGH",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.1
},
"severity" : "MEDIUM",
"exploitabilityScore" : 4.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0547",
"ASSIGNER" : "security@openvpn.net"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://community.openvpn.net/openvpn/wiki/CVE-2022-0547",
"name" : "https://community.openvpn.net/openvpn/wiki/CVE-2022-0547",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://community.openvpn.net/openvpn/wiki/CVE-2022-0547",
"name" : "https://community.openvpn.net/openvpn/wiki/CVE-2022-0547",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements",
"name" : "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements",
"name" : "https://community.openvpn.net/openvpn/wiki/SecurityAnnouncements",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00002.html",
"name" : "[debian-lts-announce] 20220503 [SECURITY] [DLA 2992-1] openvpn security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00002.html",
"name" : "[debian-lts-announce] 20220503 [SECURITY] [DLA 2992-1] openvpn security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJ35WKPME4HYNQCQNAJHLCZOJL2SAE/",
"name" : "FEDORA-2022-cb4c1146dc",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GFXJ35WKPME4HYNQCQNAJHLCZOJL2SAE/",
"name" : "FEDORA-2022-cb4c1146dc",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R36OYC5SJ6FLPVAYJYYT4MOJ2I7MGYFF/",
"name" : "FEDORA-2022-7d46acce7c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R36OYC5SJ6FLPVAYJYYT4MOJ2I7MGYFF/",
"name" : "FEDORA-2022-7d46acce7c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://openvpn.net/community-downloads/",
"name" : "https://openvpn.net/community-downloads/",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://openvpn.net/community-downloads/",
"name" : "https://openvpn.net/community-downloads/",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.5.0",
"versionEndExcluding" : "2.5.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.1.0",
"versionEndExcluding" : "2.4.12",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-18T18:15Z",
"lastModifiedDate" : "2025-04-23T19:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0549",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0549.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0549.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0549.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0549.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/342448",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/342448",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/342448",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/342448",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under certain conditions, GitLab REST API may allow unprivileged users to add other users to groups even if that is not possible to do through the Web UI."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "13.2",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "13.2",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0550",
"ASSIGNER" : "prodsec@nozominetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.nozominetworks.com/NN-2022:2-01",
"name" : "https://security.nozominetworks.com/NN-2022:2-01",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.nozominetworks.com/NN-2022:2-01",
"name" : "https://security.nozominetworks.com/NN-2022:2-01",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Input Validation vulnerability in custom report logo upload in Nozomi Networks Guardian, and CMC allows an authenticated attacker with admin or report manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian versions prior to 22.0.0. Nozomi Networks CMC versions prior to 22.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.0.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-24T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0551",
"ASSIGNER" : "prodsec@nozominetworks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.nozominetworks.com/NN-2022:2-02",
"name" : "https://security.nozominetworks.com/NN-2022:2-02",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.nozominetworks.com/NN-2022:2-02",
"name" : "https://security.nozominetworks.com/NN-2022:2-02",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Input Validation vulnerability in project file upload in Nozomi Networks Guardian and CMC allows an authenticated attacker with admin or import manager roles to execute unattended commands on the appliance using web server user privileges. This issue affects: Nozomi Networks Guardian versions prior to 22.0.0. Nozomi Networks CMC versions prior to 22.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.0.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-24T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0552",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2021-21409",
"name" : "https://access.redhat.com/security/cve/CVE-2021-21409",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2021-21409",
"name" : "https://access.redhat.com/security/cve/CVE-2021-21409",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052539",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052539",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052539",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052539",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d",
"name" : "https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d",
"name" : "https://github.com/openshift/origin-aggregated-logging/commit/d6b72d6c32e7c06b65324294d10406546734004d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:origin-aggregated-logging:3.11:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 5.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T20:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0553",
"ASSIGNER" : "vulnerabilities@zephyrproject.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-319"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wrj2-9vj9-rrcp",
"name" : "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wrj2-9vj9-rrcp",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wrj2-9vj9-rrcp",
"name" : "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wrj2-9vj9-rrcp",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "PHYSICAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.6,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2023-01-11T04:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0554",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-823"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8",
"name" : "https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8",
"name" : "https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71",
"name" : "https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71",
"name" : "https://huntr.dev/bounties/7e8f6cd0-b5ee-48a2-8255-6a86f4c46c71",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4327",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-10T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0555",
"ASSIGNER" : "security@ubuntu.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugs.launchpad.net/subiquity/+bug/1960162",
"name" : "https://bugs.launchpad.net/subiquity/+bug/1960162",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://bugs.launchpad.net/subiquity/+bug/1960162",
"name" : "https://bugs.launchpad.net/subiquity/+bug/1960162",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://github.com/canonical/subiquity/pull/1181",
"name" : "https://github.com/canonical/subiquity/pull/1181",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://github.com/canonical/subiquity/pull/1181",
"name" : "https://github.com/canonical/subiquity/pull/1181",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://github.com/canonical/subiquity/pull/1182",
"name" : "https://github.com/canonical/subiquity/pull/1182",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://github.com/canonical/subiquity/pull/1182",
"name" : "https://github.com/canonical/subiquity/pull/1182",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.cve.org/CVERecord?id=CVE-2022-0555",
"name" : "https://www.cve.org/CVERecord?id=CVE-2022-0555",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.cve.org/CVERecord?id=CVE-2022-0555",
"name" : "https://www.cve.org/CVERecord?id=CVE-2022-0555",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Subiquity Shows Guided Storage Passphrase in Plaintext with Read-all Permissions"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2024-06-03T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0556",
"ASSIGNER" : "security@zyxel.com.tw"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-732"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml",
"name" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml",
"name" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-local-privilege-escalation-vulnerability-of-AP-Configurator.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator (ZAC) version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:zyxel:zyxel_ap_configurator:1.1.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0557",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-78"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html",
"name" : "http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html",
"name" : "http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632",
"name" : "https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632",
"name" : "https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8",
"name" : "https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8",
"name" : "https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.exploit-db.com/exploits/50768",
"name" : "https://www.exploit-db.com/exploits/50768",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.exploit-db.com/exploits/50768",
"name" : "https://www.exploit-db.com/exploits/50768",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "OS Command Injection in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-11T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0558",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/14a1bb971bcb8b5456c2bf0020c3018907a2704d",
"name" : "https://github.com/microweber/microweber/commit/14a1bb971bcb8b5456c2bf0020c3018907a2704d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/14a1bb971bcb8b5456c2bf0020c3018907a2704d",
"name" : "https://github.com/microweber/microweber/commit/14a1bb971bcb8b5456c2bf0020c3018907a2704d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8fffc95f-14ae-457b-aecc-be4716a8b91c",
"name" : "https://huntr.dev/bounties/8fffc95f-14ae-457b-aecc-be4716a8b91c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8fffc95f-14ae-457b-aecc-be4716a8b91c",
"name" : "https://huntr.dev/bounties/8fffc95f-14ae-457b-aecc-be4716a8b91c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-10T10:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0559",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e",
"name" : "https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e",
"name" : "https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e",
"name" : "https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e",
"name" : "https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-16T11:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0560",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63",
"name" : "https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63",
"name" : "https://github.com/microweber/microweber/commit/72d4b12cc487f56a859a8570ada4efb77b4b8c63",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25",
"name" : "https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25",
"name" : "https://huntr.dev/bounties/c9d586e7-0fa1-47ab-a2b3-b890e8dc9b25",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open Redirect in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-11T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0561",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef",
"name" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef",
"name" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html",
"name" : "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html",
"name" : "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/",
"name" : "FEDORA-2022-df1df6debd",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/",
"name" : "FEDORA-2022-df1df6debd",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Null source pointer passed as an argument to memcpy() function within TIFFFetchStripThing() in tif_dirread.c in libtiff versions from 3.9.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, the fix is available with commit eecb0712."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndIncluding" : "4.3.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0562",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b",
"name" : "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b",
"name" : "https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/362",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html",
"name" : "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00001.html",
"name" : "[debian-lts-announce] 20220306 [SECURITY] [DLA 2932-1] tiff security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/",
"name" : "FEDORA-2022-df1df6debd",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DZEHZ35XVO2VBZ4HHCMM6J6TQIDSBQOM/",
"name" : "FEDORA-2022-df1df6debd",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220318-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Null source pointer passed as an argument to memcpy() function within TIFFReadDirectory() in tif_dirread.c in libtiff versions from 4.0 to 4.3.0 could lead to Denial of Service via crafted TIFF file. For users that compile libtiff from sources, a fix is available with commit 561599c."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.0.0",
"versionEndIncluding" : "4.3.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0563",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-209"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u",
"name" : "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202401-08",
"name" : "GLSA-202401-08",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220331-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220331-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u",
"name" : "https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220331-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220331-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202401-08",
"name" : "GLSA-202401-08",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an \"INPUTRC\" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.37.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 1.9
},
"severity" : "LOW",
"exploitabilityScore" : 3.4,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T19:15Z",
"lastModifiedDate" : "2025-06-09T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0564",
"ASSIGNER" : "csirt@divd.nl"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-203"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531",
"name" : "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531",
"refsource" : "",
"tags" : [ "Release Notes" ]
}, {
"url" : "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531",
"name" : "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531",
"refsource" : "",
"tags" : [ "Release Notes" ]
}, {
"url" : "https://csirt.divd.nl/CVE-2022-0564/",
"name" : "https://csirt.divd.nl/CVE-2022-0564/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://csirt.divd.nl/CVE-2022-0564/",
"name" : "https://csirt.divd.nl/CVE-2022-0564/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://csirt.divd.nl/DIVD-2021-00021/",
"name" : "https://csirt.divd.nl/DIVD-2021-00021/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://csirt.divd.nl/DIVD-2021-00021/",
"name" : "https://csirt.divd.nl/DIVD-2021-00021/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured.\n\nThe affected URI is /internal_forms_authentication/ the response time of the form is longer if the supplied user does not exists and shorter if the user exists."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:qlik:qlik_sense:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.0",
"versionEndExcluding" : "14.44.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T18:15Z",
"lastModifiedDate" : "2025-04-25T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0565",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/7697f709a501860144352696e583a2533a6e1245",
"name" : "https://github.com/pimcore/pimcore/commit/7697f709a501860144352696e583a2533a6e1245",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/7697f709a501860144352696e583a2533a6e1245",
"name" : "https://github.com/pimcore/pimcore/commit/7697f709a501860144352696e583a2533a6e1245",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b0b29656-4bbe-41cf-92f6-8579df0b6de5",
"name" : "https://huntr.dev/bounties/b0b29656-4bbe-41cf-92f6-8579df0b6de5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b0b29656-4bbe-41cf-92f6-8579df0b6de5",
"name" : "https://huntr.dev/bounties/b0b29656-4bbe-41cf-92f6-8579df0b6de5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting in Packagist pimcore/pimcore prior to 10.3.1.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.1,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0566",
"ASSIGNER" : "security@mozilla.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753094",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753094",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753094",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753094",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-07/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-07/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-07/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-07/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "91.6.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-12-22T20:15Z",
"lastModifiedDate" : "2025-04-16T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0567",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2053326",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2053326",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2053326",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2053326",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that bypasses existing ingress policies of other pods in a cluster, allowing network traffic to access pods that should not be reachable. This issue results in information disclosure and other attacks on other pods that should not be reachable."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ovn:ovn-kubernetes:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.10.0",
"versionEndExcluding" : "4.10.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ovn:ovn-kubernetes:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.9.0",
"versionEndExcluding" : "4.9.27",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ovn:ovn-kubernetes:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.8.0",
"versionEndExcluding" : "4.8.36",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ovn:ovn-kubernetes:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.7.47",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.3,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-20T16:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0569",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/snipe/snipe-it/commit/05c0819776b07425b2831cd31a8a0f4e7ac30c09",
"name" : "https://github.com/snipe/snipe-it/commit/05c0819776b07425b2831cd31a8a0f4e7ac30c09",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/snipe/snipe-it/commit/05c0819776b07425b2831cd31a8a0f4e7ac30c09",
"name" : "https://github.com/snipe/snipe-it/commit/05c0819776b07425b2831cd31a8a0f4e7ac30c09",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b41d5e63-bcd8-4864-8a2e-8ec74eec520b",
"name" : "https://huntr.dev/bounties/b41d5e63-bcd8-4864-8a2e-8ec74eec520b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b41d5e63-bcd8-4864-8a2e-8ec74eec520b",
"name" : "https://huntr.dev/bounties/b41d5e63-bcd8-4864-8a2e-8ec74eec520b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Observable Discrepancy in Packagist snipe/snipe-it prior to v5.3.9.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.3.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0570",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad",
"name" : "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad",
"name" : "https://github.com/mruby/mruby/commit/38b164ace7d6ae1c367883a3d67d7f559783faad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1",
"name" : "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1",
"name" : "https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0571",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/1eac9260c8313f0cfc77837ec676f4e6d68bd833",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/1eac9260c8313f0cfc77837ec676f4e6d68bd833",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/1eac9260c8313f0cfc77837ec676f4e6d68bd833",
"name" : "https://github.com/phoronix-test-suite/phoronix-test-suite/commit/1eac9260c8313f0cfc77837ec676f4e6d68bd833",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a5039485-6e48-4313-98ad-915506c19ae8",
"name" : "https://huntr.dev/bounties/a5039485-6e48-4313-98ad-915506c19ae8",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a5039485-6e48-4313-98ad-915506c19ae8",
"name" : "https://huntr.dev/bounties/a5039485-6e48-4313-98ad-915506c19ae8",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQH5OWXAMWSM7H6VSBRDGTOE7UIOZHZ/",
"name" : "FEDORA-2022-e790a2739f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KSQH5OWXAMWSM7H6VSBRDGTOE7UIOZHZ/",
"name" : "FEDORA-2022-e790a2739f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQ2PBBODEOE3BUCYHL5CV47M72ST4I7S/",
"name" : "FEDORA-2022-29c30bc7ef",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PQ2PBBODEOE3BUCYHL5CV47M72ST4I7S/",
"name" : "FEDORA-2022-29c30bc7ef",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QO32MBF3FS65K5YIC6CHXAJTLLPAXJED/",
"name" : "FEDORA-2022-cce05f0e5e",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QO32MBF3FS65K5YIC6CHXAJTLLPAXJED/",
"name" : "FEDORA-2022-cce05f0e5e",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in GitHub repository phoronix-test-suite/phoronix-test-suite prior to 10.8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:phoronix-media:phoronix_test_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.8.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0572",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f",
"name" : "https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f",
"name" : "https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf",
"name" : "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf",
"name" : "https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html",
"name" : "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/",
"name" : "FEDORA-2022-9cef12c14c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4GOY5YWTP5QUY2EFLCL7AUWA2CV57C37/",
"name" : "FEDORA-2022-9cef12c14c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4359",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0573",
"ASSIGNER" : "security@jfrog.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-502"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data",
"name" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data",
"name" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0573%3A+Artifactory+Vulnerable+to+Deserialization+of+Untrusted+Data",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.jfrog.com/confluence/display/JFROG/JFrog+Security+Advisories",
"name" : "https://www.jfrog.com/confluence/display/JFROG/JFrog+Security+Advisories",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.jfrog.com/confluence/display/JFROG/JFrog+Security+Advisories",
"name" : "https://www.jfrog.com/confluence/display/JFROG/JFrog+Security+Advisories",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient validation of a user-provided serialized object."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:7.35.0:*:*:*:*:-:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.34.0",
"versionEndExcluding" : "7.34.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.33.0",
"versionEndExcluding" : "7.33.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.31.0",
"versionEndExcluding" : "7.31.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.29.0",
"versionEndExcluding" : "7.29.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.27.0",
"versionEndExcluding" : "7.27.15",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.25.0",
"versionEndExcluding" : "7.25.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.21.0",
"versionEndExcluding" : "7.21.25",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.19.0",
"versionEndExcluding" : "7.19.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.18.0",
"versionEndExcluding" : "7.18.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.0.0",
"versionEndExcluding" : "7.17.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "6.0.0",
"versionEndExcluding" : "6.23.41",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:7.36.0:*:*:*:*:-:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0574",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739",
"name" : "https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739",
"name" : "https://github.com/publify/publify/commit/0e6c66ac2002136517662399bca9d838c80d9739",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f",
"name" : "https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f",
"name" : "https://huntr.dev/bounties/6f322c84-9e20-4df6-97e8-92bc271ede3f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control in GitHub repository publify/publify prior to 9.2.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:publify_project:publify:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.2.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0575",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54",
"name" : "https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54",
"name" : "https://github.com/librenms/librenms/commit/4f86915866703e2fcd1e34b3fc1181ec2ad78e54",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d",
"name" : "https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d",
"name" : "https://huntr.dev/bounties/13951f51-deed-4a3d-8275-52306cc5a87d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0576",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd",
"name" : "https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd",
"name" : "https://github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177",
"name" : "https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177",
"name" : "https://huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-14T12:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0577",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304a",
"name" : "https://github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304a",
"name" : "https://github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3da527b1-2348-4f69-9e88-2e11a96ac585",
"name" : "https://huntr.dev/bounties/3da527b1-2348-4f69-9e88-2e11a96ac585",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3da527b1-2348-4f69-9e88-2e11a96ac585",
"name" : "https://huntr.dev/bounties/3da527b1-2348-4f69-9e88-2e11a96ac585",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00021.html",
"name" : "[debian-lts-announce] 20220316 [SECURITY] [DLA 2950-1] python-scrapy security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00021.html",
"name" : "[debian-lts-announce] 20220316 [SECURITY] [DLA 2950-1] python-scrapy security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:scrapy:scrapy:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.6.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-02T04:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0578",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7",
"name" : "https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7",
"name" : "https://github.com/publify/publify/commit/b50df050c593cc532b2c516792989bcfce2d73f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc",
"name" : "https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc",
"name" : "https://huntr.dev/bounties/02c81928-eb47-476f-8000-e93dc796dbcc",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Code Injection in GitHub repository publify/publify prior to 9.2.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:publify_project:publify:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.2.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0579",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/snipe/snipe-it/commit/db0c0e790892db874573d95f8ae4268b8a011ab1",
"name" : "https://github.com/snipe/snipe-it/commit/db0c0e790892db874573d95f8ae4268b8a011ab1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/snipe/snipe-it/commit/db0c0e790892db874573d95f8ae4268b8a011ab1",
"name" : "https://github.com/snipe/snipe-it/commit/db0c0e790892db874573d95f8ae4268b8a011ab1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/70a99cf4-3241-4ffc-b9ed-5c54932f3849",
"name" : "https://huntr.dev/bounties/70a99cf4-3241-4ffc-b9ed-5c54932f3849",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/70a99cf4-3241-4ffc-b9ed-5c54932f3849",
"name" : "https://huntr.dev/bounties/70a99cf4-3241-4ffc-b9ed-5c54932f3849",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in Packagist snipe/snipe-it prior to 5.3.9.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.3.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0580",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"name" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"name" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3",
"name" : "https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3",
"name" : "https://huntr.dev/bounties/2494106c-7703-4558-bb1f-1eae59d264e3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T23:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0581",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0581.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0581.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0581.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0581.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17935",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17935",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17935",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17935",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-05.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-05.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-05.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-05.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.4.0",
"versionEndExcluding" : "3.4.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.6.0",
"versionEndExcluding" : "3.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0582",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0582.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0582.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0582.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0582.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17882",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17882",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17882",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17882",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-04.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-04.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-04.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-04.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unaligned access in the CSN.1 protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:3.6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.4.0",
"versionEndExcluding" : "3.4.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:3.6.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0583",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0583.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0583.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0583.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0583.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17840",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17840",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17840",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17840",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-03.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-03.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-03.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-03.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Crash in the PVFS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.4.0",
"versionEndExcluding" : "3.4.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.6.0",
"versionEndExcluding" : "3.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0585",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-834"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0585.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0585.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0585.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0585.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-02.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-02.html",
"refsource" : "",
"tags" : [ "Exploit", "Vendor Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-02.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-02.html",
"refsource" : "",
"tags" : [ "Exploit", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.4.0",
"versionEndExcluding" : "3.4.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.6.0",
"versionEndExcluding" : "3.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0586",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-835"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0586.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0586.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0586.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0586.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17813",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17813",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/wireshark/wireshark/-/issues/17813",
"name" : "https://gitlab.com/wireshark/wireshark/-/issues/17813",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00041.html",
"name" : "[debian-lts-announce] 20220331 [SECURITY] [DLA 2967-1] wireshark security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRJ24JRKLA6XMDKLGVTOPM5KBBU4UHLN/",
"name" : "FEDORA-2022-5a3603afe0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V3DZD2JU56ZI4XV2B3HGVGA5PXQDNA5T/",
"name" : "FEDORA-2022-e29665a42b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-04",
"name" : "GLSA-202210-04",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-01.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-01.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://www.wireshark.org/security/wnpa-sec-2022-01.html",
"name" : "https://www.wireshark.org/security/wnpa-sec-2022-01.html",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.4.0",
"versionEndExcluding" : "3.4.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.6.0",
"versionEndExcluding" : "3.6.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.8
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-14T22:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0587",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-285"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"name" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"name" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469",
"name" : "https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469",
"name" : "https://huntr.dev/bounties/0c7c9ecd-33ac-4865-b05b-447ced735469",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Authorization in Packagist librenms/librenms prior to 22.2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-15T08:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0588",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"name" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"name" : "https://github.com/librenms/librenms/commit/95970af78e4c899744a715766d744deef8c505f7",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d",
"name" : "https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d",
"name" : "https://huntr.dev/bounties/caab3310-0d70-4c8a-8768-956f8dd3326d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in Packagist librenms/librenms prior to 22.2.0.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-15T08:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0589",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa",
"name" : "https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa",
"name" : "https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768",
"name" : "https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768",
"name" : "https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"name" : "https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-15T09:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0590",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/08b66b69-3c69-4a1e-9c0a-5697e31bc04e",
"name" : "https://wpscan.com/vulnerability/08b66b69-3c69-4a1e-9c0a-5697e31bc04e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/08b66b69-3c69-4a1e-9c0a-5697e31bc04e",
"name" : "https://wpscan.com/vulnerability/08b66b69-3c69-4a1e-9c0a-5697e31bc04e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The BulletProof Security WordPress plugin before 5.8 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ait-pro:bulletproof_security:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0591",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47",
"name" : "https://wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47",
"name" : "https://wpscan.com/vulnerability/b5303e63-d640-4178-9237-d0f524b13d47",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:subtlewebinc:formcraft3:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.8.28",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0592",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/5d8d53ad-dc88-4b50-a292-fc447484c27b",
"name" : "https://wpscan.com/vulnerability/5d8d53ad-dc88-4b50-a292-fc447484c27b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/5d8d53ad-dc88-4b50-a292-fc447484c27b",
"name" : "https://wpscan.com/vulnerability/5d8d53ad-dc88-4b50-a292-fc447484c27b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The MapSVG WordPress plugin before 6.2.20 does not validate and escape a parameter via a REST endpoint before using it in a SQL statement, leading to a SQL Injection exploitable by unauthenticated users."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mapsvg:mapsvg:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.2.20",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0593",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wordpress.org/plugins/login-with-phone-number",
"name" : "https://wordpress.org/plugins/login-with-phone-number",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wordpress.org/plugins/login-with-phone-number",
"name" : "https://wordpress.org/plugins/login-with-phone-number",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/76a50157-04b5-43e8-afbc-a6ddf6d1cba3",
"name" : "https://wpscan.com/vulnerability/76a50157-04b5-43e8-afbc-a6ddf6d1cba3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/76a50157-04b5-43e8-afbc-a6ddf6d1cba3",
"name" : "https://wpscan.com/vulnerability/76a50157-04b5-43e8-afbc-a6ddf6d1cba3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:idehweb:login_with_phone_number:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "LOW",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0594",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1",
"name" : "https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1",
"name" : "https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:shareaholic:shareaholic:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "9.7.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
}
},
"publishedDate" : "2022-07-25T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0595",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2686614",
"name" : "https://plugins.trac.wordpress.org/changeset/2686614",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2686614",
"name" : "https://plugins.trac.wordpress.org/changeset/2686614",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de",
"name" : "https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de",
"name" : "https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.3 allows SVG files to be uploaded by default via the dnd_codedropz_upload AJAX action, which could lead to Stored Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:codedropz:drag_and_drop_multiple_file_upload_-_contact_form_7:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.6.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0596",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005",
"name" : "https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005",
"name" : "https://github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5",
"name" : "https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5",
"name" : "https://huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Validation of Specified Quantity in Input in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-15T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0597",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2",
"name" : "https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2",
"name" : "https://github.com/microweber/microweber/commit/acfc6a581d1ea86096d1b0ecd8a0eec927c0e9b2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813",
"name" : "https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813",
"name" : "https://huntr.dev/bounties/68c22eab-cc69-4e9f-bcb6-2df3db626813",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open Redirect in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-15T14:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0598",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4688d39e-ac9b-47f5-a4c1-f9548b63c68c",
"name" : "https://wpscan.com/vulnerability/4688d39e-ac9b-47f5-a4c1-f9548b63c68c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4688d39e-ac9b-47f5-a4c1-f9548b63c68c",
"name" : "https://wpscan.com/vulnerability/4688d39e-ac9b-47f5-a4c1-f9548b63c68c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Login with phone number WordPress plugin before 1.3.8 does not sanitise and escape plugin settings which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:idehweb:login_with_phone_number:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-08-01T13:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0599",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765",
"name" : "https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765",
"name" : "https://wpscan.com/vulnerability/4f1d45bc-d3bd-472c-959d-05abeff32765",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Mapping Multiple URLs Redirect Same Page WordPress plugin through 5.8 does not sanitize and escape the mmursp_id parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mapping_multiple_urls_redirect_same_page_project:mapping_multiple_urls_redirect_same_page:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "5.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:38Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0600",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/5dd6f625-6738-4e6a-81dc-21c0add4368d",
"name" : "https://wpscan.com/vulnerability/5dd6f625-6738-4e6a-81dc-21c0add4368d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/5dd6f625-6738-4e6a-81dc-21c0add4368d",
"name" : "https://wpscan.com/vulnerability/5dd6f625-6738-4e6a-81dc-21c0add4368d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Conference Scheduler WordPress plugin before 2.4.3 does not sanitize and escape the tab parameter before outputting back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:myceliumdesign:conference_scheduler:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0601",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2679245",
"name" : "https://plugins.trac.wordpress.org/changeset/2679245",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2679245",
"name" : "https://plugins.trac.wordpress.org/changeset/2679245",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6ec62eae-2072-4098-8f77-b22d61a89cbf",
"name" : "https://wpscan.com/vulnerability/6ec62eae-2072-4098-8f77-b22d61a89cbf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6ec62eae-2072-4098-8f77-b22d61a89cbf",
"name" : "https://wpscan.com/vulnerability/6ec62eae-2072-4098-8f77-b22d61a89cbf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Countdown, Coming Soon, Maintenance WordPress plugin before 2.2.9 does not sanitize and escape the post parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:edmonsoft:countdown\\,_coming_soon\\,_maintenance_-_countdown_\\&_clock:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.2.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0602",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/tastyigniter/tastyigniter/commit/992d4ce6444805c3132e3635a01b6fd222063554",
"name" : "https://github.com/tastyigniter/tastyigniter/commit/992d4ce6444805c3132e3635a01b6fd222063554",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/tastyigniter/tastyigniter/commit/992d4ce6444805c3132e3635a01b6fd222063554",
"name" : "https://github.com/tastyigniter/tastyigniter/commit/992d4ce6444805c3132e3635a01b6fd222063554",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/615f1788-d474-4580-b0ef-5edd50274010",
"name" : "https://huntr.dev/bounties/615f1788-d474-4580-b0ef-5edd50274010",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/615f1788-d474-4580-b0ef-5edd50274010",
"name" : "https://huntr.dev/bounties/615f1788-d474-4580-b0ef-5edd50274010",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - DOM in GitHub repository tastyigniter/tastyigniter prior to 3.3.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tastyigniter:tastyigniter:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0603",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1290008",
"name" : "https://crbug.com/1290008",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1290008",
"name" : "https://crbug.com/1290008",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in File Manager in Google Chrome on Chrome OS prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0604",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273397",
"name" : "https://crbug.com/1273397",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1273397",
"name" : "https://crbug.com/1273397",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in Tab Groups in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0605",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1286940",
"name" : "https://crbug.com/1286940",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1286940",
"name" : "https://crbug.com/1286940",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Webstore API in Google Chrome prior to 98.0.4758.102 allowed an attacker who convinced a user to install a malicious extension and convinced a user to enage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0606",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1288020",
"name" : "https://crbug.com/1288020",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1288020",
"name" : "https://crbug.com/1288020",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in ANGLE in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0607",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1250655",
"name" : "https://crbug.com/1250655",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1250655",
"name" : "https://crbug.com/1250655",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in GPU in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0608",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270333",
"name" : "https://crbug.com/1270333",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270333",
"name" : "https://crbug.com/1270333",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Integer overflow in Mojo in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0609",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1296150",
"name" : "https://crbug.com/1296150",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1296150",
"name" : "https://crbug.com/1296150",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2025-02-05T14:30Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0610",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"name" : "https://chromereleases.googleblog.com/2022/02/stable-channel-update-for-desktop_14.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1285449",
"name" : "https://crbug.com/1285449",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1285449",
"name" : "https://crbug.com/1285449",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Gamepad API in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "98.0.4758.102",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0611",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/snipe/snipe-it/commit/321be4733d3997fc738f0118e1b9af5905f95439",
"name" : "https://github.com/snipe/snipe-it/commit/321be4733d3997fc738f0118e1b9af5905f95439",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/snipe/snipe-it/commit/321be4733d3997fc738f0118e1b9af5905f95439",
"name" : "https://github.com/snipe/snipe-it/commit/321be4733d3997fc738f0118e1b9af5905f95439",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7b7447fc-f1b0-446c-b016-ee3f6511010b",
"name" : "https://huntr.dev/bounties/7b7447fc-f1b0-446c-b016-ee3f6511010b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7b7447fc-f1b0-446c-b016-ee3f6511010b",
"name" : "https://huntr.dev/bounties/7b7447fc-f1b0-446c-b016-ee3f6511010b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in Packagist snipe/snipe-it prior to 5.3.11.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.3.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-16T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0612",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/4d4f1db1701f09177896a38e43fd0c693835f03b",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/4d4f1db1701f09177896a38e43fd0c693835f03b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/4d4f1db1701f09177896a38e43fd0c693835f03b",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/4d4f1db1701f09177896a38e43fd0c693835f03b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/eadcf7d2-a479-4901-abcc-1505d3f1b32f",
"name" : "https://huntr.dev/bounties/eadcf7d2-a479-4901-abcc-1505d3f1b32f",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/eadcf7d2-a479-4901-abcc-1505d3f1b32f",
"name" : "https://huntr.dev/bounties/eadcf7d2-a479-4901-abcc-1505d3f1b32f",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.92",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-16T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0613",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-639"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f",
"name" : "https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f",
"name" : "https://github.com/medialize/uri.js/commit/6ea641cc8648b025ed5f30b090c2abd4d1a5249f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083",
"name" : "https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083",
"name" : "https://huntr.dev/bounties/f53d5c42-c108-40b8-917d-9dad51535083",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXSSATHALUSXXD2KT6UFZAX7EG4GR332/",
"name" : "FEDORA-2022-7cca5b6d38",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MXSSATHALUSXXD2KT6UFZAX7EG4GR332/",
"name" : "FEDORA-2022-7cca5b6d38",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in NPM urijs prior to 1.19.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:uri.js_project:uri.js:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.19.8",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-16T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0614",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-119"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"name" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"name" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879",
"name" : "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879",
"name" : "https://huntr.dev/bounties/a980ce4d-c359-4425-92c4-e844c0055879",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:ruby:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-16T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0615",
"ASSIGNER" : "security@eset.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.eset.com/en/ca8230",
"name" : "https://support.eset.com/en/ca8230",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.eset.com/en/ca8230",
"name" : "https://support.eset.com/en/ca8230",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use-after-free in eset_rtp kernel module used in ESET products for Linux allows potential attacker to trigger denial-of-service condition on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:eset:server_security:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding" : "8.0.375.0",
"versionEndIncluding" : "8.1.813.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:eset:server_security:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding" : "7.2.463.0",
"versionEndIncluding" : "7.2.574.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding" : "8.0.3.0",
"versionEndIncluding" : "8.1.5.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding" : "7.1.6.0",
"versionEndIncluding" : "7.1.9.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.8
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0616",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7c63d76e-34ca-4778-8784-437d446c16e0",
"name" : "https://wpscan.com/vulnerability/7c63d76e-34ca-4778-8784-437d446c16e0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7c63d76e-34ca-4778-8784-437d446c16e0",
"name" : "https://wpscan.com/vulnerability/7c63d76e-34ca-4778-8784-437d446c16e0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow attackers to make a logged in admin delete arbitrary customers via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.47",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0617",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/04/13/2",
"name" : "[oss-security] 20220413 CVE-2022-0617: udf:A null-ptr-deref bug be triggered when write to an ICB inode",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/04/13/2",
"name" : "[oss-security] 20220413 CVE-2022-0617: udf:A null-ptr-deref bug be triggered when write to an ICB inode",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7fc3b7c2981bbd1047916ade327beccb90994eee",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ea8569194b43f0f01f0a84c689388542c7254a1f",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00011.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2940-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00012.html",
"name" : "[debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr%40quack3.lan/T/",
"name" : "https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr%40quack3.lan/T/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr%40quack3.lan/T/",
"name" : "https://lore.kernel.org/lkml/20220114172329.ygzry5rlz64ua2nr%40quack3.lan/T/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5095",
"name" : "DSA-5095",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5095",
"name" : "DSA-5095",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5096",
"name" : "DSA-5096",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5096",
"name" : "DSA-5096",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw null pointer dereference in the Linux kernel UDF file system functionality was found in the way user triggers udf_file_write_iter function for the malicious UDF image. A local user could use this flaw to crash the system. Actual from Linux kernel 4.2-rc1 till 5.17-rc2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:4.2:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.2.1",
"versionEndExcluding" : "5.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-16T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0618",
"ASSIGNER" : "cve@forums.swift.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-q36x-r5x4-h4q6",
"name" : "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-q36x-r5x4-h4q6",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-q36x-r5x4-h4q6",
"name" : "https://github.com/apple/swift-nio-http2/security/advisories/GHSA-q36x-r5x4-h4q6",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A program using swift-nio-http2 is vulnerable to a denial of service attack, caused by a network peer sending a specially crafted HTTP/2 frame. This vulnerability is caused by a logical error when parsing a HTTP/2 HEADERS or HTTP/2 PUSH_PROMISE frame where the frame contains padding information without any other data. This logical error caused confusion about the size of the frame, leading to a parsing error. This parsing error immediately crashes the entire process. Sending a HEADERS frame or PUSH_PROMISE frame with HTTP/2 padding information does not require any special permission, so any HTTP/2 connection peer may send such a frame. For clients, this means any server to which they connect may launch this attack. For servers, anyone they allow to connect to them may launch such an attack. The attack is low-effort: it takes very little resources to send an appropriately crafted frame. The impact on availability is high: receiving the frame immediately crashes the server, dropping all in-flight connections and causing the service to need to restart. It is straightforward for an attacker to repeatedly send appropriately crafted frames, so attackers require very few resources to achieve a substantial denial of service. The attack does not have any confidentiality or integrity risks in and of itself: swift-nio-http2 is parsing the frame in memory-safe code, so the crash is safe. However, sudden process crashes can lead to violations of invariants in services, so it is possible that this attack can be used to trigger an error condition that has confidentiality or integrity risks. The risk can be mitigated if untrusted peers can be prevented from communicating with the service. This mitigation is not available to many services. The issue is fixed by rewriting the parsing code to correctly handle the condition. The issue was found by automated fuzzing by oss-fuzz."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:apple:swiftnio_http\\/2:*:*:*:*:*:swift:*:*",
"versionStartIncluding" : "1.0.0",
"versionEndExcluding" : "1.20.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.8
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0619",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d18892c6-2b19-4037-bc39-5d170adaf3d9",
"name" : "https://wpscan.com/vulnerability/d18892c6-2b19-4037-bc39-5d170adaf3d9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d18892c6-2b19-4037-bc39-5d170adaf3d9",
"name" : "https://wpscan.com/vulnerability/d18892c6-2b19-4037-bc39-5d170adaf3d9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Database Peek WordPress plugin through 1.2 does not sanitize and escape the match parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:database_peek_project:database_peek:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0620",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/77b92130-167c-4e8a-bde5-3fd1bd6982c6",
"name" : "https://wpscan.com/vulnerability/77b92130-167c-4e8a-bde5-3fd1bd6982c6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/77b92130-167c-4e8a-bde5-3fd1bd6982c6",
"name" : "https://wpscan.com/vulnerability/77b92130-167c-4e8a-bde5-3fd1bd6982c6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Delete Old Orders WordPress plugin through 0.2 does not sanitize and escape the date parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:deleteoldorders_project:delete_old_orders:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0621",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b5578747-298d-4f4b-867e-46b767485a98",
"name" : "https://wpscan.com/vulnerability/b5578747-298d-4f4b-867e-46b767485a98",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b5578747-298d-4f4b-867e-46b767485a98",
"name" : "https://wpscan.com/vulnerability/b5578747-298d-4f4b-867e-46b767485a98",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The dTabs WordPress plugin through 1.4 does not sanitize and escape the tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dtabs_project:dtabs:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0622",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/snipe/snipe-it/commit/178e44095141ab805c282f563fb088df1a10b2e2",
"name" : "https://github.com/snipe/snipe-it/commit/178e44095141ab805c282f563fb088df1a10b2e2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/snipe/snipe-it/commit/178e44095141ab805c282f563fb088df1a10b2e2",
"name" : "https://github.com/snipe/snipe-it/commit/178e44095141ab805c282f563fb088df1a10b2e2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4ed99dab-5319-4b6b-919a-84a9acd0061a",
"name" : "https://huntr.dev/bounties/4ed99dab-5319-4b6b-919a-84a9acd0061a",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4ed99dab-5319-4b6b-919a-84a9acd0061a",
"name" : "https://huntr.dev/bounties/4ed99dab-5319-4b6b-919a-84a9acd0061a",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:6.0.0:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:6.0.0:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "5.3.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-17T02:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0623",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"name" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"name" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580",
"name" : "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580",
"name" : "https://huntr.dev/bounties/5b908ac7-d8f1-4fcd-9355-85df565f7580",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-17T07:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0624",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/ionicabizau/parse-path/commit/f9ad8856a3c8ae18e1cf4caef5edbabbc42840e8",
"name" : "https://github.com/ionicabizau/parse-path/commit/f9ad8856a3c8ae18e1cf4caef5edbabbc42840e8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ionicabizau/parse-path/commit/f9ad8856a3c8ae18e1cf4caef5edbabbc42840e8",
"name" : "https://github.com/ionicabizau/parse-path/commit/f9ad8856a3c8ae18e1cf4caef5edbabbc42840e8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/afffb2bd-fb06-4144-829e-ecbbcbc85388",
"name" : "https://huntr.dev/bounties/afffb2bd-fb06-4144-829e-ecbbcbc85388",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/afffb2bd-fb06-4144-829e-ecbbcbc85388",
"name" : "https://huntr.dev/bounties/afffb2bd-fb06-4144-829e-ecbbcbc85388",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in GitHub repository ionicabizau/parse-path prior to 5.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:parse-path_project:parse-path:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "5.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "LOW",
"baseScore" : 7.3,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-28T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0625",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/ec5c331c-fb74-4ccc-a4d4-446c2b4e703a",
"name" : "https://wpscan.com/vulnerability/ec5c331c-fb74-4ccc-a4d4-446c2b4e703a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/ec5c331c-fb74-4ccc-a4d4-446c2b4e703a",
"name" : "https://wpscan.com/vulnerability/ec5c331c-fb74-4ccc-a4d4-446c2b4e703a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Admin Menu Editor WordPress plugin through 1.0.4 does not sanitize and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:admin_menu_editor_project:admin_menu_editor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0626",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d72164e2-8449-4fb1-aad3-bfa86d645e47",
"name" : "https://wpscan.com/vulnerability/d72164e2-8449-4fb1-aad3-bfa86d645e47",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d72164e2-8449-4fb1-aad3-bfa86d645e47",
"name" : "https://wpscan.com/vulnerability/d72164e2-8449-4fb1-aad3-bfa86d645e47",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Advanced Admin Search WordPress plugin before 1.1.6 does not sanitize and escape some parameters before outputting them back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kuroit:advanced_admin_search:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.1.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-13T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0627",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/fd8c720a-a94a-438f-b686-3a734e3c24e4",
"name" : "https://wpscan.com/vulnerability/fd8c720a-a94a-438f-b686-3a734e3c24e4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fd8c720a-a94a-438f-b686-3a734e3c24e4",
"name" : "https://wpscan.com/vulnerability/fd8c720a-a94a-438f-b686-3a734e3c24e4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin before 1.0.47 does not sanitize and escape the code parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.47",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0628",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2684307",
"name" : "https://plugins.trac.wordpress.org/changeset/2684307",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2684307",
"name" : "https://plugins.trac.wordpress.org/changeset/2684307",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/af9787ee-c496-4f02-a22c-c8f8a97ad902",
"name" : "https://wpscan.com/vulnerability/af9787ee-c496-4f02-a22c-c8f8a97ad902",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/af9787ee-c496-4f02-a22c-c8f8a97ad902",
"name" : "https://wpscan.com/vulnerability/af9787ee-c496-4f02-a22c-c8f8a97ad902",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:accesspressthemes:ap_mega_menu:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0629",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-121"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc",
"name" : "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc",
"name" : "https://github.com/vim/vim/commit/34f8117dec685ace52cd9e578e2729db278163fc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877",
"name" : "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877",
"name" : "https://huntr.dev/bounties/95e2b0da-e480-4ee8-9324-a93a2ab0a877",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/",
"name" : "FEDORA-2022-8622ebdebb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UURGABNDL77YR5FRQKTFBYNBDQX2KO7Q/",
"name" : "FEDORA-2022-8622ebdebb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4397",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-17T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0630",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"name" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"name" : "https://github.com/mruby/mruby/commit/ff3a5ebed6ffbe3e70481531cfb969b497aa73ad",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"name" : "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"name" : "https://huntr.dev/bounties/f7cdd680-1a7f-4992-b4b8-44b5e4ba3e32",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-19T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0631",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299",
"name" : "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299",
"name" : "https://github.com/mruby/mruby/commit/47068ae07a5fa3aa9a1879cdfe98a9ce0f339299",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40",
"name" : "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40",
"name" : "https://huntr.dev/bounties/9bdc49ca-6697-4adc-a785-081e1961bf40",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0632",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d",
"name" : "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d",
"name" : "https://github.com/mruby/mruby/commit/44f591aa8f7091e6ca6cb418e428ae6d4ceaf77d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"name" : "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"name" : "https://huntr.dev/bounties/3e5bb8f6-30fd-4553-86dd-761e9459ce1b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in Homebrew mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-19T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0633",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html",
"name" : "http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html",
"name" : "http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/",
"name" : "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/",
"name" : "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/",
"name" : "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/",
"name" : "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3",
"name" : "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3",
"name" : "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:premium:wordpress:*:*",
"versionEndExcluding" : "2.22.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding" : "1.22.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-17T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0634",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"name" : "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"name" : "https://wpscan.com/vulnerability/7e11aeb0-b231-407d-86ec-9018c2c7eee3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The ThirstyAffiliates WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subscriber) to add an image from an external URL to an affiliate link. Further the plugin lacks csrf checks, allowing an attacker to trick a logged in user to perform the action by crafting a special request."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:caseproof:thirstyaffiliates_affiliate_link_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.10.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0635",
"ASSIGNER" : "security-officer@isc.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-617"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kb.isc.org/v1/docs/cve-2022-0635",
"name" : "https://kb.isc.org/v1/docs/cve-2022-0635",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://kb.isc.org/v1/docs/cve-2022-0635",
"name" : "https://kb.isc.org/v1/docs/cve-2022-0635",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:isc:bind:9.18.0:*:*:*:-:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0636",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-120"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-78116",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-78116",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-78116",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-78116",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A denial of service vulnerability was reported in Lenovo Thin Installer prior to version 1.3.0039 that could trigger a system crash."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:thin_installer:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3.0039",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-22T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0637",
"ASSIGNER" : "security@mozilla.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753838",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753838",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753838",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1753838",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "open redirect in pollbot (pollbot.services.mozilla.com) in versions before 1.4.6"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:pollbot:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.4.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2023-02-16T22:15Z",
"lastModifiedDate" : "2025-03-19T15:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0638",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8",
"name" : "https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8",
"name" : "https://github.com/microweber/microweber/commit/756096da1260f29ff6f4532234d93d8e41dd5aa8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3",
"name" : "https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3",
"name" : "https://huntr.dev/bounties/9d3d883c-d74c-4fe2-9978-a8e3d1ccf9f3",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-Site Request Forgery (CSRF) in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-17T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0639",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788",
"name" : "https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788",
"name" : "https://github.com/unshiftio/url-parse/commit/ef45a1355375a8244063793a19059b4f62fc8788",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155",
"name" : "https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155",
"name" : "https://huntr.dev/bounties/83a6bc9a-b542-4a38-82cd-d995a1481155",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:url-parse_project:url-parse:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.5.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-17T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0640",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2684253",
"name" : "https://plugins.trac.wordpress.org/changeset/2684253",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2684253",
"name" : "https://plugins.trac.wordpress.org/changeset/2684253",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9",
"name" : "https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9",
"name" : "https://wpscan.com/vulnerability/f8405e06-9cf3-4acb-aebb-e80fb402daa9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Pricing Table Builder WordPress plugin before 1.1.5 does not sanitize and escape the postid parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdevart:pricing_table_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.1.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0641",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0a9830df-5f5d-40a3-9841-40994275136f",
"name" : "https://wpscan.com/vulnerability/0a9830df-5f5d-40a3-9841-40994275136f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0a9830df-5f5d-40a3-9841-40994275136f",
"name" : "https://wpscan.com/vulnerability/0a9830df-5f5d-40a3-9841-40994275136f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Popup Like box WordPress plugin before 3.6.1 does not sanitize and escape the ays_fb_tab parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ays-pro:popup_like_box:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.6.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0642",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/099cf9b4-0b3a-43c6-8ca9-7c2d50f86425",
"name" : "https://wpscan.com/vulnerability/099cf9b4-0b3a-43c6-8ca9-7c2d50f86425",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/099cf9b4-0b3a-43c6-8ca9-7c2d50f86425",
"name" : "https://wpscan.com/vulnerability/099cf9b4-0b3a-43c6-8ca9-7c2d50f86425",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The JivoChat Live Chat WordPress plugin before 1.3.5.4 does not properly check CSRF tokens on POST requests to the plugins admin page, and does not sanitise some parameters, leading to a stored Cross-Site Scripting vulnerability where an attacker can trick a logged in administrator to inject arbitrary javascript."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jivochat:jivochat:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.5.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-30T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0643",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/5be0de93-9625-419a-8c37-521c1bd9c24c",
"name" : "https://wpscan.com/vulnerability/5be0de93-9625-419a-8c37-521c1bd9c24c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/5be0de93-9625-419a-8c37-521c1bd9c24c",
"name" : "https://wpscan.com/vulnerability/5be0de93-9625-419a-8c37-521c1bd9c24c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Bank Mellat WordPress plugin through 1.3.7 does not sanitize and escape the orderId parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bank_mellat_project:bank_mellat:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.3.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0644",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0645",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038",
"name" : "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038",
"name" : "https://github.com/posthog/posthog/commit/859d8ed9ac7c5026db09714a26c85c1458abb038",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
"name" : "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
"name" : "https://huntr.dev/bounties/c13258a2-30e3-4261-9a3b-2f39c49a8bd6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:posthog:posthog:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.34.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-19T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0646",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au",
"name" : "https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au",
"refsource" : "",
"tags" : [ "Mailing List", "Patch" ]
}, {
"url" : "https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au",
"name" : "https://lore.kernel.org/all/20220211011552.1861886-1-jk%40codeconstruct.com.au",
"refsource" : "",
"tags" : [ "Mailing List", "Patch" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220318-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20220318-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220318-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20220318-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw use after free in the Linux kernel Management Component Transport Protocol (MCTP) subsystem was found in the way user triggers cancel_work_sync after the unregister_netdev during removing device. A local user could use this flaw to crash the system or escalate their privileges on the system. It is actual from Linux Kernel 5.17-rc1 (when mctp-serial.c introduced) till 5.17-rc5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0647",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4a585d5f-72ba-43e3-b04f-8b3e1b84444a",
"name" : "https://wpscan.com/vulnerability/4a585d5f-72ba-43e3-b04f-8b3e1b84444a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4a585d5f-72ba-43e3-b04f-8b3e1b84444a",
"name" : "https://wpscan.com/vulnerability/4a585d5f-72ba-43e3-b04f-8b3e1b84444a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Bulk Creator WordPress plugin through 1.0.1 does not sanitize and escape the post_type parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bulk_creator_project:bulk_creator:*:*:*:*:wordpress:*:*:*",
"versionEndIncluding" : "1.0.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0648",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/90f9ad6a-4855-4a8e-97f6-5f403eb6455d",
"name" : "https://wpscan.com/vulnerability/90f9ad6a-4855-4a8e-97f6-5f403eb6455d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/90f9ad6a-4855-4a8e-97f6-5f403eb6455d",
"name" : "https://wpscan.com/vulnerability/90f9ad6a-4855-4a8e-97f6-5f403eb6455d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the order_pos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:i13websolution:team_circle_image_slider_with_lightbox:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0649",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/284fbc98-803d-4da5-8920-411eeae4bac8",
"name" : "https://wpscan.com/vulnerability/284fbc98-803d-4da5-8920-411eeae4bac8",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/284fbc98-803d-4da5-8920-411eeae4bac8",
"name" : "https://wpscan.com/vulnerability/284fbc98-803d-4da5-8920-411eeae4bac8",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The AdRotate WordPress plugin before 5.8.23 does not escape Group Names, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ajdg:adrotate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.8.23",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0650",
"ASSIGNER" : "zdi-disclosures@trendmicro.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-407/",
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-22-407/",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-407/",
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-22-407/",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n (5553) routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-13993."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:tp-link:tl-wr940n_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "211111",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:tp-link:tl-wr940n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.1,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0651",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042",
"name" : "https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042",
"name" : "https://gist.github.com/Xib3rR4dAr/5dbd58b7f57a5037fe461fba8e696042",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2679983%40wp-statistics&new=2679983%40wp-statistics&sfp_email=&sfph_mail=",
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2679983%40wp-statistics&new=2679983%40wp-statistics&sfp_email=&sfph_mail=",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2679983%40wp-statistics&new=2679983%40wp-statistics&sfp_email=&sfph_mail=",
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2679983%40wp-statistics&new=2679983%40wp-statistics&sfp_email=&sfph_mail=",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0651",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0651",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0651",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0651",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Statistics WordPress plugin is vulnerable to SQL Injection due to insufficient escaping and parameterization of the current_page_type parameter found in the ~/includes/class-wp-statistics-hits.php file which allows attackers without authentication to inject arbitrary SQL queries to obtain sensitive information, in versions up to and including 13.1.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "13.1.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0652",
"ASSIGNER" : "security-alert@sophos.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-532"
}, {
"lang" : "en",
"value" : "CWE-732"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.710",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-22T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0653",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2655168%40profile-builder&new=2655168%40profile-builder&sfp_email=&sfph_mail=",
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2655168%40profile-builder&new=2655168%40profile-builder&sfp_email=&sfph_mail=",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2655168%40profile-builder&new=2655168%40profile-builder&sfp_email=&sfph_mail=",
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2655168%40profile-builder&new=2655168%40profile-builder&sfp_email=&sfph_mail=",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/reflected-cross-site-scripting-vulnerability-patched-in-wordpress-profile-builder-plugin/",
"name" : "https://www.wordfence.com/blog/2022/02/reflected-cross-site-scripting-vulnerability-patched-in-wordpress-profile-builder-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/reflected-cross-site-scripting-vulnerability-patched-in-wordpress-profile-builder-plugin/",
"name" : "https://www.wordfence.com/blog/2022/02/reflected-cross-site-scripting-vulnerability-patched-in-wordpress-profile-builder-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Profile Builder – User Profile & User Registration Forms WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the site_url parameter found in the ~/assets/misc/fallback-page.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted link by an attacker. This affects versions up to and including 3.6.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.6.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0654",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/fgribreau/node-request-retry/commit/0979c6001d9d57c2aac3157c11b007397158922a",
"name" : "https://github.com/fgribreau/node-request-retry/commit/0979c6001d9d57c2aac3157c11b007397158922a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/fgribreau/node-request-retry/commit/0979c6001d9d57c2aac3157c11b007397158922a",
"name" : "https://github.com/fgribreau/node-request-retry/commit/0979c6001d9d57c2aac3157c11b007397158922a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a779faf5-c2cc-48be-a31d-4ddfac357afc",
"name" : "https://huntr.dev/bounties/a779faf5-c2cc-48be-a31d-4ddfac357afc",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a779faf5-c2cc-48be-a31d-4ddfac357afc",
"name" : "https://huntr.dev/bounties/a779faf5-c2cc-48be-a31d-4ddfac357afc",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository fgribreau/node-request-retry prior to 7.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:node-request-retry_project:node-request-retry:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "7.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0655",
"ASSIGNER" : "security@ubuntu.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-02-25T19:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0656",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151",
"name" : "https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151",
"name" : "https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:webtoprint:web_to_print_shop\\:udraw:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.3.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0657",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e7fe8218-4ef5-4ef9-9850-8567c207e8e6",
"name" : "https://wpscan.com/vulnerability/e7fe8218-4ef5-4ef9-9850-8567c207e8e6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e7fe8218-4ef5-4ef9-9850-8567c207e8e6",
"name" : "https://wpscan.com/vulnerability/e7fe8218-4ef5-4ef9-9850-8567c207e8e6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtngg_delete_leads AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue. There is an attempt to sanitise the input, using sanitize_text_field(), however such function is not intended to prevent SQL injections."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:5_stars_rating_funnel_project:5_stars_rating_funnel:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.54",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0658",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d7f0805a-61ce-454a-96fb-5ecacd767578",
"name" : "https://wpscan.com/vulnerability/d7f0805a-61ce-454a-96fb-5ecacd767578",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d7f0805a-61ce-454a-96fb-5ecacd767578",
"name" : "https://wpscan.com/vulnerability/d7f0805a-61ce-454a-96fb-5ecacd767578",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The CommonsBooking WordPress plugin before 2.6.8 does not sanitise and escape the location parameter of the calendar_data AJAX action (available to unauthenticated users) before it is used in dynamically constructed SQL queries, leading to an unauthenticated SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wielebenwir:commonsbooking:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.6.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0659",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/22dc2661-ba64-49e7-af65-892a617ab02c",
"name" : "https://wpscan.com/vulnerability/22dc2661-ba64-49e7-af65-892a617ab02c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/22dc2661-ba64-49e7-af65-892a617ab02c",
"name" : "https://wpscan.com/vulnerability/22dc2661-ba64-49e7-af65-892a617ab02c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Sync QCloud COS WordPress plugin before 2.0.1 does not escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sync_qcloud_cos_project:sync_qcloud_cos:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.0.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0660",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a",
"name" : "https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a",
"name" : "https://github.com/microweber/microweber/commit/2417bd2eda2aa2868c1dad1abf62341f22bfc20a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291",
"name" : "https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291",
"name" : "https://huntr.dev/bounties/01fd2e0d-b8cf-487f-a16c-7b088ef3a291",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0661",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3c5a7b03-d4c3-46b9-af65-fb50e58b0bfd",
"name" : "https://wpscan.com/vulnerability/3c5a7b03-d4c3-46b9-af65-fb50e58b0bfd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3c5a7b03-d4c3-46b9-af65-fb50e58b0bfd",
"name" : "https://wpscan.com/vulnerability/3c5a7b03-d4c3-46b9-af65-fb50e58b0bfd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ad Injection WordPress plugin through 1.2.0.19 does not properly sanitize the body of the adverts injected into the pages, allowing a high privileged user (Admin+) to inject arbitrary HTML or javascript even with unfiltered_html disallowed, leading to a stored cross-site scripting (XSS) vulnerability. Further it is also possible to inject PHP code, leading to a Remote Code execution (RCE) vulnerability, even if the DISALLOW_FILE_EDIT and DISALLOW_FILE_MOD constants are both set."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ad_injection_project:ad_injection:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.2.0.19",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0662",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/27ad58ba-b648-41d9-8074-16e4feeaee69",
"name" : "https://wpscan.com/vulnerability/27ad58ba-b648-41d9-8074-16e4feeaee69",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/27ad58ba-b648-41d9-8074-16e4feeaee69",
"name" : "https://wpscan.com/vulnerability/27ad58ba-b648-41d9-8074-16e4feeaee69",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The AdRotate WordPress plugin before 5.8.23 does not sanitise and escape Advert Names which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ajdg:adrotate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.8.23",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0663",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b586b217-f91e-42d3-81f1-cc3ee3a4b01e",
"name" : "https://wpscan.com/vulnerability/b586b217-f91e-42d3-81f1-cc3ee3a4b01e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b586b217-f91e-42d3-81f1-cc3ee3a4b01e",
"name" : "https://wpscan.com/vulnerability/b586b217-f91e-42d3-81f1-cc3ee3a4b01e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Print, PDF, Email by PrintFriendly WordPress plugin before 5.2.3 does not sanitise and escape the Custom Button Text settings, which could allow high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:printfriendly:print\\,_pdf\\,_email_by_printfriendly:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-20T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0664",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/gravitl/netmaker/commit/9bee12642986cb9534e268447b70e6f0f03c59cf",
"name" : "https://github.com/gravitl/netmaker/commit/9bee12642986cb9534e268447b70e6f0f03c59cf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/gravitl/netmaker/commit/9bee12642986cb9534e268447b70e6f0f03c59cf",
"name" : "https://github.com/gravitl/netmaker/commit/9bee12642986cb9534e268447b70e6f0f03c59cf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/29898a42-fd4f-4b5b-a8e3-ab573cb87eac",
"name" : "https://huntr.dev/bounties/29898a42-fd4f-4b5b-a8e3-ab573cb87eac",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/29898a42-fd4f-4b5b-a8e3-ab573cb87eac",
"name" : "https://huntr.dev/bounties/29898a42-fd4f-4b5b-a8e3-ab573cb87eac",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gravitl:netmaker:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "0.9.0",
"versionEndExcluding" : "0.9.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gravitl:netmaker:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.8.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0665",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/28945649a6234ccaa8c94c6cd83d1954603baf3e",
"name" : "https://github.com/pimcore/pimcore/commit/28945649a6234ccaa8c94c6cd83d1954603baf3e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/28945649a6234ccaa8c94c6cd83d1954603baf3e",
"name" : "https://github.com/pimcore/pimcore/commit/28945649a6234ccaa8c94c6cd83d1954603baf3e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/423df64d-c591-4ad9-bf1c-411bcbc06ba3",
"name" : "https://huntr.dev/bounties/423df64d-c591-4ad9-bf1c-411bcbc06ba3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/423df64d-c591-4ad9-bf1c-411bcbc06ba3",
"name" : "https://huntr.dev/bounties/423df64d-c591-4ad9-bf1c-411bcbc06ba3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Path Traversal in GitHub repository pimcore/pimcore prior to 10.3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-22T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0666",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128",
"name" : "https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128",
"name" : "https://github.com/microweber/microweber/commit/f0e338f1b7dc5ec9d99231f4ed3fa6245a5eb128",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55",
"name" : "https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55",
"name" : "https://huntr.dev/bounties/7215afc7-9133-4749-8e8e-0569317dbd55",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "CRLF Injection leads to Stack Trace Exposure due to lack of filtering at https://demo.microweber.org/ in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0667",
"ASSIGNER" : "security-officer@isc.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-617"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kb.isc.org/v1/docs/cve-2022-0667",
"name" : "https://kb.isc.org/v1/docs/cve-2022-0667",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://kb.isc.org/v1/docs/cve-2022-0667",
"name" : "https://kb.isc.org/v1/docs/cve-2022-0667",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220408-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "When the vulnerability is triggered the BIND process will exit. BIND 9.18.0"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:isc:bind:9.18.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-22T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0668",
"ASSIGNER" : "security@jfrog.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0668%3A+Artifactory+Authentication+Bypass",
"name" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0668%3A+Artifactory+Authentication+Bypass",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0668%3A+Artifactory+Authentication+Bypass",
"name" : "https://www.jfrog.com/confluence/display/JFROG/CVE-2022-0668%3A+Artifactory+Authentication+Bypass",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a specially crafted request is sent by an unauthenticated user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "6.0.0",
"versionEndExcluding" : "6.23.41",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:*",
"versionStartIncluding" : "7.0.0",
"versionEndExcluding" : "7.37.13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-01-08T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0669",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0669",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0669",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0669",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0669",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugs.dpdk.org/show_bug.cgi?id=922",
"name" : "https://bugs.dpdk.org/show_bug.cgi?id=922",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://bugs.dpdk.org/show_bug.cgi?id=922",
"name" : "https://bugs.dpdk.org/show_bug.cgi?id=922",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055793",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055793",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055793",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055793",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/DPDK/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227",
"name" : "https://github.com/DPDK/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/DPDK/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227",
"name" : "https://github.com/DPDK/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security-tracker.debian.org/tracker/CVE-2022-0669",
"name" : "https://security-tracker.debian.org/tracker/CVE-2022-0669",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security-tracker.debian.org/tracker/CVE-2022-0669",
"name" : "https://security-tracker.debian.org/tracker/CVE-2022-0669",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:22.03:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:22.03:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:22.03:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:19.11:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "20.02",
"versionEndExcluding" : "22.03",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openvswitch:openvswitch:2.15.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openvswitch:openvswitch:2.13.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.0,
"impactScore" : 4.0
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0670",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/",
"name" : "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/",
"name" : "https://ceph.io/en/news/blog/2022/v17-2-2-quincy-released/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/",
"name" : "FEDORA-2022-67e0522b94",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5O3XMDFZWA2FWU6GAYOVSFJPOUTXN42N/",
"name" : "FEDORA-2022-67e0522b94",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/",
"name" : "FEDORA-2022-6d129f14f2",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TIRTTRG5O4YP2TNGDCDOHIHP2DM3DFBT/",
"name" : "FEDORA-2022-6d129f14f2",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Openstack manilla owning a Ceph File system \"share\", which enables the owner to read/write any manilla share or entire file system. The vulnerability is due to a bug in the \"volumes\" plugin in Ceph Manager. This allows an attacker to compromise Confidentiality and Integrity of a file system. Fixed in RHCS 5.2 and Ceph 17.2.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "15.0.0",
"versionEndExcluding" : "15.2.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "16.0.0",
"versionEndExcluding" : "16.2.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:linuxfoundation:ceph:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "17.0.0",
"versionEndExcluding" : "17.2.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:ceph_storage:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
}
},
"publishedDate" : "2022-07-25T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0671",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-400"
}, {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/redhat-developer/vscode-xml/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/redhat-developer/vscode-xml/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/redhat-developer/vscode-xml/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/redhat-developer/vscode-xml/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in vscode-xml in versions prior to 0.19.0. Schema download could lead to blind SSRF or DoS via a large file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:vscode-xml:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.19.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0672",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in LemMinX in versions prior to 0.19.0. Insecure redirect could allow unauthorized access to sensitive information locally if LemMinX is run under a privileged user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:eclipse:lemminx:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.19.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0673",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-22"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"name" : "https://github.com/eclipse/lemminx/blob/master/CHANGELOG.md#0190-february-14-2022",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in LemMinX in versions prior to 0.19.0. Cache poisoning of external schema files due to directory traversal."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:eclipse:lemminx:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.19.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0674",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/332e1e1e-7420-4605-99bc-4074e212ff9b",
"name" : "https://wpscan.com/vulnerability/332e1e1e-7420-4605-99bc-4074e212ff9b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/332e1e1e-7420-4605-99bc-4074e212ff9b",
"name" : "https://wpscan.com/vulnerability/332e1e1e-7420-4605-99bc-4074e212ff9b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Kunze Law WordPress plugin before 2.1 does not escape its 'E-Mail Error \"From\" Address' settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kunze-medien:kunze_law:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0675",
"ASSIGNER" : "security@perforce.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://puppet.com/security/cve/CVE-2022-0675",
"name" : "https://puppet.com/security/cve/CVE-2022-0675",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://puppet.com/security/cve/CVE-2022-0675",
"name" : "https://puppet.com/security/cve/CVE-2022-0675",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:puppet:firewall:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.4.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-02T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0676",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6",
"name" : "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6",
"name" : "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485",
"name" : "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485",
"name" : "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-22T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0677",
"ASSIGNER" : "cve-requests@bitdefender.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.bitdefender.com/support/security-advisories/improper-handling-of-length-parameter-inconsistency-vulnerability-in-bitdefender-update-server-va-10144",
"name" : "https://www.bitdefender.com/support/security-advisories/improper-handling-of-length-parameter-inconsistency-vulnerability-in-bitdefender-update-server-va-10144",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.bitdefender.com/support/security-advisories/improper-handling-of-length-parameter-inconsistency-vulnerability-in-bitdefender-update-server-va-10144",
"name" : "https://www.bitdefender.com/support/security-advisories/improper-handling-of-length-parameter-inconsistency-vulnerability-in-bitdefender-update-server-va-10144",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Bitdefender GravityZone versions prior to 26.4-1. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:windows:*:*",
"versionEndExcluding" : "7.4.1.111",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:linux:*:*",
"versionEndExcluding" : "6.2.21.171",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:update_server:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.4.0.276",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bitdefender:gravityzone:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "26.4-1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-07T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0678",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8",
"name" : "https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8",
"name" : "https://github.com/microweber/microweber/commit/2b8fa5aac31e51e2aca83c7ef5d1281ba2e755f8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0",
"name" : "https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0",
"name" : "https://huntr.dev/bounties/d707137a-aace-44c5-b15c-1807035716c0",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-19T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0679",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0ea79eb1-6561-4c21-a20b-a1870863b0a8",
"name" : "https://wpscan.com/vulnerability/0ea79eb1-6561-4c21-a20b-a1870863b0a8",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0ea79eb1-6561-4c21-a20b-a1870863b0a8",
"name" : "https://wpscan.com/vulnerability/0ea79eb1-6561-4c21-a20b-a1870863b0a8",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the lib_path parameter before it is passed into a call to require() via the narnoo_distributor_lib_request AJAX action (available to both unauthenticated and authenticated users) which results in the disclosure of arbitrary files as the content of the file is then displayed in the response as JSON data. This could also lead to RCE with various tricks but depends on the underlying system and it's configuration."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:narnoo_distributor_project:narnoo_distributor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.5.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0680",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7cede02e-9af7-4f50-95a8-84ef4c7f7ded",
"name" : "https://wpscan.com/vulnerability/7cede02e-9af7-4f50-95a8-84ef4c7f7ded",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7cede02e-9af7-4f50-95a8-84ef4c7f7ded",
"name" : "https://wpscan.com/vulnerability/7cede02e-9af7-4f50-95a8-84ef4c7f7ded",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Plezi WordPress plugin before 1.0.3 has a REST endpoint allowing unauthenticated users to update the plz_configuration_tracker_enable option, which is then displayed in the admin panel without sanitisation and escaping, leading to a Stored Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:plezi:plezi:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0681",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c5765816-4439-4c14-a847-044248ada0ef",
"name" : "https://wpscan.com/vulnerability/c5765816-4439-4c14-a847-044248ada0ef",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c5765816-4439-4c14-a847-044248ada0ef",
"name" : "https://wpscan.com/vulnerability/c5765816-4439-4c14-a847-044248ada0ef",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow attackers to make a logged in admin delete arbitrary transactions via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0683",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2680585%40essential-addons-for-elementor-lite&new=2680585%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=",
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2680585%40essential-addons-for-elementor-lite&new=2680585%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2680585%40essential-addons-for-elementor-lite&new=2680585%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=",
"name" : "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2680585%40essential-addons-for-elementor-lite&new=2680585%40essential-addons-for-elementor-lite&sfp_email=&sfph_mail=",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0683",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0683",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0683",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0683",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Essential Addons for Elementor Lite WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the settings parameter found in the ~/includes/Traits/Helper.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user clicks on a specially crafted link by an attacker. This affects versions up to and including 5.0.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "5.0.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0684",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2681478",
"name" : "https://plugins.trac.wordpress.org/changeset/2681478",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2681478",
"name" : "https://plugins.trac.wordpress.org/changeset/2681478",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/69b178f3-5951-4879-9bbe-183951d002ec",
"name" : "https://wpscan.com/vulnerability/69b178f3-5951-4879-9bbe-183951d002ec",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/69b178f3-5951-4879-9bbe-183951d002ec",
"name" : "https://wpscan.com/vulnerability/69b178f3-5951-4879-9bbe-183951d002ec",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Home Page Menu WordPress plugin before 3.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp_home_page_menu_project:wp_home_page_menu:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0685",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-823"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87",
"name" : "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87",
"name" : "https://github.com/vim/vim/commit/5921aeb5741fc6e84c870d68c7c35b93ad0c9f87",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782",
"name" : "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782",
"name" : "https://huntr.dev/bounties/27230da3-9b1a-4d5d-8cdf-4b1e62fcd782",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4418",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-20T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0686",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5",
"name" : "https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5",
"name" : "https://github.com/unshiftio/url-parse/commit/d5c64791ef496ca5459ae7f2176a31ea53b127e5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c",
"name" : "https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c",
"name" : "https://huntr.dev/bounties/55fd06cd-9054-4d80-83be-eb5a454be78c",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:url-parse_project:url-parse:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.5.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-20T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0687",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3cf05815-9b74-4491-a935-d69a0834146c",
"name" : "https://wpscan.com/vulnerability/3cf05815-9b74-4491-a935-d69a0834146c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3cf05815-9b74-4491-a935-d69a0834146c",
"name" : "https://wpscan.com/vulnerability/3cf05815-9b74-4491-a935-d69a0834146c",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users with the custom \"Amelia Manager\" role."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.47",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0688",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605",
"name" : "https://github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605",
"name" : "https://github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9",
"name" : "https://huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9",
"name" : "https://huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Business Logic Errors in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-20T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0689",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04",
"name" : "https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04",
"name" : "https://github.com/microweber/microweber/commit/c3c25ae6c421bb4a65df9e0035edcc2f75594a04",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649",
"name" : "https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649",
"name" : "https://huntr.dev/bounties/fa5dbbd3-97fe-41a9-8797-2e54d9a9c649",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-19T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0690",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/f7f5d41ba1a08ceed37c00d5f70a3f48b272e9f2",
"name" : "https://github.com/microweber/microweber/commit/f7f5d41ba1a08ceed37c00d5f70a3f48b272e9f2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/f7f5d41ba1a08ceed37c00d5f70a3f48b272e9f2",
"name" : "https://github.com/microweber/microweber/commit/f7f5d41ba1a08ceed37c00d5f70a3f48b272e9f2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4999a0f4-6efb-4681-b4ba-b36babc366f9",
"name" : "https://huntr.dev/bounties/4999a0f4-6efb-4681-b4ba-b36babc366f9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4999a0f4-6efb-4681-b4ba-b36babc366f9",
"name" : "https://huntr.dev/bounties/4999a0f4-6efb-4681-b4ba-b36babc366f9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in Packagist microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-19T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0691",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63",
"name" : "https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63",
"name" : "https://github.com/unshiftio/url-parse/commit/0e3fb542d60ddbf6933f22eb9b1e06e25eaa5b63",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4",
"name" : "https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4",
"name" : "https://huntr.dev/bounties/57124ed5-4b68-4934-8325-2c546257f2e4",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/02/msg00030.html",
"name" : "[debian-lts-announce] 20230223 [SECURITY] [DLA 3336-1] node-url-parse security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20220325-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:url-parse_project:url-parse:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "1.5.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0692",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/rudloff/alltube/commit/bc14b6e45c766c05757fb607ef8d444cbbfba71a",
"name" : "https://github.com/rudloff/alltube/commit/bc14b6e45c766c05757fb607ef8d444cbbfba71a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/rudloff/alltube/commit/bc14b6e45c766c05757fb607ef8d444cbbfba71a",
"name" : "https://github.com/rudloff/alltube/commit/bc14b6e45c766c05757fb607ef8d444cbbfba71a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4fb39400-e08b-47af-8c1f-5093c9a51203",
"name" : "https://huntr.dev/bounties/4fb39400-e08b-47af-8c1f-5093c9a51203",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4fb39400-e08b-47af-8c1f-5093c9a51203",
"name" : "https://huntr.dev/bounties/4fb39400-e08b-47af-8c1f-5093c9a51203",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open Redirect on Rudloff/alltube in Packagist rudloff/alltube prior to 3.0.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:alltube_project:alltube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.0.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0693",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a72bf075-fd4b-4aa5-b4a4-5f62a0620643",
"name" : "https://wpscan.com/vulnerability/a72bf075-fd4b-4aa5-b4a4-5f62a0620643",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a72bf075-fd4b-4aa5-b4a4-5f62a0620643",
"name" : "https://wpscan.com/vulnerability/a72bf075-fd4b-4aa5-b4a4-5f62a0620643",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL Injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:devbunch:master_elements:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "8.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0694",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2682086",
"name" : "https://plugins.trac.wordpress.org/changeset/2682086",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2682086",
"name" : "https://plugins.trac.wordpress.org/changeset/2682086",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/990d1b0a-dbd1-42d0-9a40-c345407c6fe0",
"name" : "https://wpscan.com/vulnerability/990d1b0a-dbd1-42d0-9a40-c345407c6fe0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/990d1b0a-dbd1-42d0-9a40-c345407c6fe0",
"name" : "https://wpscan.com/vulnerability/990d1b0a-dbd1-42d0-9a40-c345407c6fe0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Advanced Booking Calendar WordPress plugin before 1.7.0 does not validate and escape the calendar parameter before using it in a SQL statement via the abc_booking_getSingleCalendar AJAX action (available to both unauthenticated and authenticated users), leading to an unauthenticated SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:elbtide:advanced_booking_calendar:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.7.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0695",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-400"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/634b886e84a5c568d243e744becc6b3223e089cf",
"name" : "https://github.com/radareorg/radare2/commit/634b886e84a5c568d243e744becc6b3223e089cf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/634b886e84a5c568d243e744becc6b3223e089cf",
"name" : "https://github.com/radareorg/radare2/commit/634b886e84a5c568d243e744becc6b3223e089cf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bdbddc0e-fb06-4211-a90b-7cbedcee2bea",
"name" : "https://huntr.dev/bounties/bdbddc0e-fb06-4211-a90b-7cbedcee2bea",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bdbddc0e-fb06-4211-a90b-7cbedcee2bea",
"name" : "https://huntr.dev/bounties/bdbddc0e-fb06-4211-a90b-7cbedcee2bea",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0696",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1",
"name" : "https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1",
"name" : "https://github.com/vim/vim/commit/0f6e28f686dbb59ab3b562408ab9b2234797b9b1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f",
"name" : "https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f",
"name" : "https://huntr.dev/bounties/7416c2cb-1809-4834-8989-e84ff033f15f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html",
"name" : "[debian-lts-announce] 20221124 [SECURITY] [DLA 3204-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4428",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-21T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0697",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/archivy/archivy/commit/2d8cb29853190d42572b36deb61127e68d6be574",
"name" : "https://github.com/archivy/archivy/commit/2d8cb29853190d42572b36deb61127e68d6be574",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/archivy/archivy/commit/2d8cb29853190d42572b36deb61127e68d6be574",
"name" : "https://github.com/archivy/archivy/commit/2d8cb29853190d42572b36deb61127e68d6be574",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2d0301a2-10ff-48f4-a346-5a0e8707835b",
"name" : "https://huntr.dev/bounties/2d0301a2-10ff-48f4-a346-5a0e8707835b",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2d0301a2-10ff-48f4-a346-5a0e8707835b",
"name" : "https://huntr.dev/bounties/2d0301a2-10ff-48f4-a346-5a0e8707835b",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open Redirect in GitHub repository archivy/archivy prior to 1.7.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:archivy_project:archivy:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.7.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-06T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0698",
"ASSIGNER" : "help@fluidattacks.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://fluidattacks.com/advisories/garrix/",
"name" : "https://fluidattacks.com/advisories/garrix/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://fluidattacks.com/advisories/garrix/",
"name" : "https://fluidattacks.com/advisories/garrix/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/",
"name" : "https://github.com/microweber/microweber/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://github.com/microweber/microweber/",
"name" : "https://github.com/microweber/microweber/",
"refsource" : "",
"tags" : [ "Product" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:1.3.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-11-25T18:15Z",
"lastModifiedDate" : "2025-04-25T18:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0699",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-415"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f",
"name" : "https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f",
"name" : "https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/OSGeo/shapelib/issues/39",
"name" : "https://github.com/OSGeo/shapelib/issues/39",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/OSGeo/shapelib/issues/39",
"name" : "https://github.com/OSGeo/shapelib/issues/39",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:osgeo:shapelib:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-10-17T16:15Z",
"lastModifiedDate" : "2025-05-13T21:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0700",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/1bf1f255-1571-425c-92b1-02833f6a44a7",
"name" : "https://wpscan.com/vulnerability/1bf1f255-1571-425c-92b1-02833f6a44a7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1bf1f255-1571-425c-92b1-02833f6a44a7",
"name" : "https://wpscan.com/vulnerability/1bf1f255-1571-425c-92b1-02833f6a44a7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Simple Tracking WordPress plugin before 1.7 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chrsinteractive:simple_tracking:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0701",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/68882f81-12d3-4e98-82ff-6754ac4ccfa1",
"name" : "https://wpscan.com/vulnerability/68882f81-12d3-4e98-82ff-6754ac4ccfa1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/68882f81-12d3-4e98-82ff-6754ac4ccfa1",
"name" : "https://wpscan.com/vulnerability/68882f81-12d3-4e98-82ff-6754ac4ccfa1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SEO 301 Meta WordPress plugin through 1.9.1 does not escape its Request and Destination settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:seo-301-meta_project:seo-301-meta:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.9.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0702",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/bf6f897b-af65-4122-802c-ae6d4f2346f9",
"name" : "https://wpscan.com/vulnerability/bf6f897b-af65-4122-802c-ae6d4f2346f9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/bf6f897b-af65-4122-802c-ae6d4f2346f9",
"name" : "https://wpscan.com/vulnerability/bf6f897b-af65-4122-802c-ae6d4f2346f9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Petfinder Listings WordPress plugin through 1.0.18 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:unboxinteractive:petfinder-listings:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.0.18",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0703",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/fa34beff-c8ab-4297-9c59-b3b0c52f0536",
"name" : "https://wpscan.com/vulnerability/fa34beff-c8ab-4297-9c59-b3b0c52f0536",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fa34beff-c8ab-4297-9c59-b3b0c52f0536",
"name" : "https://wpscan.com/vulnerability/fa34beff-c8ab-4297-9c59-b3b0c52f0536",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The GD Mylist WordPress plugin through 1.1.1 does not sanitise and escape some of its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gd-mylist_project:gd-mylist:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0704",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4142a8b4-b439-4328-aaa3-52f6fedfd0a6",
"name" : "https://huntr.dev/bounties/4142a8b4-b439-4328-aaa3-52f6fedfd0a6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4142a8b4-b439-4328-aaa3-52f6fedfd0a6",
"name" : "https://huntr.dev/bounties/4142a8b4-b439-4328-aaa3-52f6fedfd0a6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-16T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0705",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0e1b6836-e5b5-4e47-b9ab-2f6a4790ee7b",
"name" : "https://huntr.dev/bounties/0e1b6836-e5b5-4e47-b9ab-2f6a4790ee7b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0e1b6836-e5b5-4e47-b9ab-2f6a4790ee7b",
"name" : "https://huntr.dev/bounties/0e1b6836-e5b5-4e47-b9ab-2f6a4790ee7b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-16T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0706",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2697388",
"name" : "https://plugins.trac.wordpress.org/changeset/2697388",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2697388",
"name" : "https://plugins.trac.wordpress.org/changeset/2697388",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/598d5c1b-7930-46a6-9a31-5e08a5f14907",
"name" : "https://wpscan.com/vulnerability/598d5c1b-7930-46a6-9a31-5e08a5f14907",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/598d5c1b-7930-46a6-9a31-5e08a5f14907",
"name" : "https://wpscan.com/vulnerability/598d5c1b-7930-46a6-9a31-5e08a5f14907",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.11.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:H/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "HIGH",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2025-02-07T19:44Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0707",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2697388",
"name" : "https://plugins.trac.wordpress.org/changeset/2697388",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2697388",
"name" : "https://plugins.trac.wordpress.org/changeset/2697388",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/50680797-61e4-4737-898f-e5b394d89117",
"name" : "https://wpscan.com/vulnerability/50680797-61e4-4737-898f-e5b394d89117",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/50680797-61e4-4737-898f-e5b394d89117",
"name" : "https://wpscan.com/vulnerability/50680797-61e4-4737-898f-e5b394d89117",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Easy Digital Downloads WordPress plugin before 2.11.6 does not have CSRF check in place when inserting payment notes, which could allow attackers to make a logged admin insert arbitrary notes via a CSRF attack"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.11.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2025-02-07T19:44Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0708",
"ASSIGNER" : "responsibledisclosure@mattermost.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Mattermost 6.3.0 and earlier fails to protect email addresses of the creator of the team via one of the APIs, which allows authenticated team members to access this information resulting in sensitive & private information disclosure."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "6.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-21T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0709",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3cd1d8d2-d2a4-45a9-9b5f-c2a56f08be85",
"name" : "https://wpscan.com/vulnerability/3cd1d8d2-d2a4-45a9-9b5f-c2a56f08be85",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3cd1d8d2-d2a4-45a9-9b5f-c2a56f08be85",
"name" : "https://wpscan.com/vulnerability/3cd1d8d2-d2a4-45a9-9b5f-c2a56f08be85",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Booking Package WordPress plugin before 1.5.29 requires a token for exporting the ical representation of it's booking calendar, but this token is returned in the json response to unauthenticated users performing a booking, leading to a sensitive data disclosure vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:saasproject:booking_package:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.5.29",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0710",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.wordfence.com/blog/2022/02/reflected-xss-in-header-footer-code-manager/",
"name" : "https://www.wordfence.com/blog/2022/02/reflected-xss-in-header-footer-code-manager/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/reflected-xss-in-header-footer-code-manager/",
"name" : "https://www.wordfence.com/blog/2022/02/reflected-xss-in-header-footer-code-manager/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Header Footer Code Manager plugin <= 1.1.16 for WordPress is vulnerable to Reflected Cross-Site Scripting (XSS) via the $_REQUEST['page'] parameter."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.1.16",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-24T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0711",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-835"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/cve-2022-0711",
"name" : "https://access.redhat.com/security/cve/cve-2022-0711",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/cve-2022-0711",
"name" : "https://access.redhat.com/security/cve/cve-2022-0711",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8",
"name" : "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8",
"name" : "https://github.com/haproxy/haproxy/commit/bfb15ab34ead85f64cd6da0e9fb418c9cd14cee8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5102",
"name" : "DSA-5102",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5102",
"name" : "DSA-5102",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html",
"name" : "https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html",
"name" : "https://www.mail-archive.com/haproxy%40formilux.org/msg41833.html",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the way HAProxy processed HTTP responses containing the \"Set-Cookie2\" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerability is availability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndExcluding" : "2.4.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.3.0",
"versionEndExcluding" : "2.3.18",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:haproxy:haproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.2.0",
"versionEndExcluding" : "2.2.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-02T22:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0712",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7",
"name" : "https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7",
"name" : "https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1e572820-e502-49d1-af0e-81833e2eb466",
"name" : "https://huntr.dev/bounties/1e572820-e502-49d1-af0e-81833e2eb466",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1e572820-e502-49d1-af0e-81833e2eb466",
"name" : "https://huntr.dev/bounties/1e572820-e502-49d1-af0e-81833e2eb466",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.1
},
"severity" : "HIGH",
"exploitabilityScore" : 8.6,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-22T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0713",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1",
"name" : "https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1",
"name" : "https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d35b3dff-768d-4a09-a742-c18ca8f56d3c",
"name" : "https://huntr.dev/bounties/d35b3dff-768d-4a09-a742-c18ca8f56d3c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d35b3dff-768d-4a09-a742-c18ca8f56d3c",
"name" : "https://huntr.dev/bounties/d35b3dff-768d-4a09-a742-c18ca8f56d3c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/",
"name" : "FEDORA-2022-85b277e748",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/",
"name" : "FEDORA-2022-7db9e7bb5b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-22T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0714",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa",
"name" : "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa",
"name" : "https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3",
"name" : "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3",
"name" : "https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/",
"name" : "FEDORA-2022-63ca9a1129",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/",
"name" : "FEDORA-2022-63ca9a1129",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "8.2.4436",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-22T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0715",
"ASSIGNER" : "cpcert@se.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-345"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"name" : "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"name" : "https://www.se.com/ww/en/download/document/SEVD-2022-067-02/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected Product: APC Smart-UPS Family: SMT Series (SMT Series ID=18: UPS 09.8 and prior / SMT Series ID=1040: UPS 01.2 and prior / SMT Series ID=1031: UPS 03.1 and prior), SMC Series (SMC Series ID=1005: UPS 14.1 and prior / SMC Series ID=1007: UPS 11.0 and prior / SMC Series ID=1041: UPS 01.1 and prior), SCL Series (SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior), SMX Series (SMX Series ID=20: UPS 10.2 and prior / SMX Series ID=23: UPS 07.0 and prior), SRT Series (SRT Series ID=1010/1019/1025: UPS 08.3 and prior / SRT Series ID=1024: UPS 01.0 and prior / SRT Series ID=1020: UPS 10.4 and prior / SRT Series ID=1021: UPS 12.2 and prior / SRT Series ID=1001/1013: UPS 05.1 and prior / SRT Series ID=1002/1014: UPSa05.2 and prior), APC SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smt_series_1015_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "04.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smt_series_1015_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smc_series_1018_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "04.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smc_series_1018_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smtl_series_1026_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "02.9",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smtl_series_1026_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:scl_series_1029_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "02.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:scl_series_1029_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:scl_series_1030_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "02.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:scl_series_1030_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:scl_series_1036_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "02.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:scl_series_1036_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:scl_series_1037_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "03.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:scl_series_1037_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smx_series_1031_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "03.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smx_series_1031_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smt_series_18_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "09.8",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smt_series_18_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smt_series_1040_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smt_series_1040_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smt_series_1031_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "03.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smt_series_1031_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smc_series_1005_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "14.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smc_series_1005_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smc_series_1007_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "11.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smc_series_1007_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smc_series_1041_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smc_series_1041_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:scl_series_1030_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "02.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:scl_series_1030_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:scl_series_1036_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "02.5",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:scl_series_1036_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smx_series_20_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smx_series_20_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:smx_series_23_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "07.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:smx_series_23_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1010_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "08.3",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1010_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1019_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "08.3",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1019_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1025_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "08.3",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1025_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1020_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1020_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1021_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "12.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1021_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1001_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "05.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1001_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1013_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "05.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1013_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1002_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "a05.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1002_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srt_series_1014_ups_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "a05.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srt_series_1014_ups:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl1000rmxli_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl1000rmxli:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl1000rmxli-nc_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl1000rmxli-nc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl1500rmxli-nc_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl1500rmxli-nc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl1500rmxli_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl1500rmxli:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl2200rmxli_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl2200rmxli:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl2200rmxli-nc_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl2200rmxli-nc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl3000rmxli-nc_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl3000rmxli-nc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:schneider-electric:srtl3000rmxli_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "01.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:schneider-electric:srtl3000rmxli:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-09T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0717",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"name" : "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"name" : "https://github.com/mruby/mruby/commit/f72315575f78a9a773adbce0ee7d3ec33434cb76",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"name" : "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"name" : "https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read in GitHub repository mruby/mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T02:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0718",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-532"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0718",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0718",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0718",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0718",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugs.launchpad.net/oslo.utils/+bug/1949623",
"name" : "https://bugs.launchpad.net/oslo.utils/+bug/1949623",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugs.launchpad.net/oslo.utils/+bug/1949623",
"name" : "https://bugs.launchpad.net/oslo.utils/+bug/1949623",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2056850",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2056850",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2056850",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2056850",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00015.html",
"name" : "[debian-lts-announce] 20220913 [SECURITY] [DLA 3106-1] python-oslo.utils security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00015.html",
"name" : "[debian-lts-announce] 20220913 [SECURITY] [DLA 3106-1] python-oslo.utils security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa",
"name" : "https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa",
"name" : "https://opendev.org/openstack/oslo.utils/commit/6e17ae1f7959c64dfd20a5f67edf422e702426aa",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security-tracker.debian.org/tracker/CVE-2022-0718",
"name" : "https://security-tracker.debian.org/tracker/CVE-2022-0718",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security-tracker.debian.org/tracker/CVE-2022-0718",
"name" : "https://security-tracker.debian.org/tracker/CVE-2022-0718",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in python-oslo-utils. Due to improper parsing, passwords with a double quote ( \" ) in them cause incorrect masking in debug logs, causing any part of the password after the double quote to be plaintext."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openstack:oslo.utils:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.10.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openstack:oslo.utils:4.12.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0719",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a",
"name" : "https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a",
"name" : "https://github.com/microweber/microweber/commit/a5925f74d39775771d4c37c8d4c1acbb762fda0a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312",
"name" : "https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312",
"name" : "https://huntr.dev/bounties/bcdce15b-7f40-4971-a061-c25c6053c312",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-23T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0720",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/435ef99c-9210-46c7-80a4-09cd4d3d00cf",
"name" : "https://wpscan.com/vulnerability/435ef99c-9210-46c7-80a4-09cd4d3d00cf",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/435ef99c-9210-46c7-80a4-09cd4d3d00cf",
"name" : "https://wpscan.com/vulnerability/435ef99c-9210-46c7-80a4-09cd4d3d00cf",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing appointments, allowing any customer to update other's booking, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.47",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0721",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec",
"name" : "https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec",
"name" : "https://github.com/microweber/microweber/commit/b12e1a490c79460bff019f34b2e17112249b16ec",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb",
"name" : "https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb",
"name" : "https://huntr.dev/bounties/ae267d39-9750-4c69-be8b-4f915da089fb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insertion of Sensitive Information Into Debugging Code in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0722",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3",
"name" : "https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3",
"name" : "https://github.com/ionicabizau/parse-url/commit/21c72ab9412228eea753e2abc48f8962707b1fe3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226",
"name" : "https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226",
"name" : "https://huntr.dev/bounties/2490ef6d-5577-4714-a4dd-9608251b4226",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:parse-url_project:parse-url:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "7.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-27T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0723",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/15e519a86e4b24526abaf9e6dc81cb1af86843a5",
"name" : "https://github.com/microweber/microweber/commit/15e519a86e4b24526abaf9e6dc81cb1af86843a5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/15e519a86e4b24526abaf9e6dc81cb1af86843a5",
"name" : "https://github.com/microweber/microweber/commit/15e519a86e4b24526abaf9e6dc81cb1af86843a5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/16b0547b-1bb3-493c-8a00-5b6a11fca1c5",
"name" : "https://huntr.dev/bounties/16b0547b-1bb3-493c-8a00-5b6a11fca1c5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/16b0547b-1bb3-493c-8a00-5b6a11fca1c5",
"name" : "https://huntr.dev/bounties/16b0547b-1bb3-493c-8a00-5b6a11fca1c5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-26T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0724",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-922"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3",
"name" : "https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3",
"name" : "https://github.com/microweber/microweber/commit/b592c86d2b927c0cae5b73b87fb541f25e777aa3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062",
"name" : "https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062",
"name" : "https://huntr.dev/bounties/0cdc4a29-dada-4264-b326-8b65b4f11062",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insecure Storage of Sensitive Information in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0725",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-532"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052696",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052696",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052696",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2052696",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in keepass. The vulnerability occurs due to logging the plain text passwords in system log and leads to an Information Exposure vulnerability. This flaw allows an attacker to interact and read sensitive passwords and logs."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:keepass:keepass:2.48:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0726",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"name" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"name" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8928ab08-7fcb-475e-8da7-18e8412c1ac3",
"name" : "https://huntr.dev/bounties/8928ab08-7fcb-475e-8da7-18e8412c1ac3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8928ab08-7fcb-475e-8da7-18e8412c1ac3",
"name" : "https://huntr.dev/bounties/8928ab08-7fcb-475e-8da7-18e8412c1ac3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0727",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"name" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"name" : "https://github.com/chocobozzz/peertube/commit/6ea9295b8f5dd7cc254202a79aad61c666cc4259",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d1faa10f-0640-480c-bb52-089adb351e6e",
"name" : "https://huntr.dev/bounties/d1faa10f-0640-480c-bb52-089adb351e6e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d1faa10f-0640-480c-bb52-089adb351e6e",
"name" : "https://huntr.dev/bounties/d1faa10f-0640-480c-bb52-089adb351e6e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0728",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6",
"name" : "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6",
"name" : "https://wpscan.com/vulnerability/c6d3d308-4bf1-493f-86e9-dd623526e3c6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Easy Smooth Scroll Links WordPress plugin before 2.23.1 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pootlepress:easy_smooth_scroll_links:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.23.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0729",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-823"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30",
"name" : "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30",
"name" : "https://github.com/vim/vim/commit/6456fae9ba8e72c74b2c0c499eaf09974604ff30",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea",
"name" : "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea",
"name" : "https://huntr.dev/bounties/f3f3d992-7bd6-4ee5-a502-ae0e5f8016ea",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00018.html",
"name" : "[debian-lts-announce] 20220311 [SECURITY] [DLA 2947-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/",
"name" : "FEDORA-2022-48bf3cb1c4",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/",
"name" : "FEDORA-2022-63ca9a1129",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HBUYQBZ6GWAWJRWP7AODJ4KHW5BCKDVP/",
"name" : "FEDORA-2022-63ca9a1129",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4440",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0730",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/Cacti/cacti/issues/4562",
"name" : "https://github.com/Cacti/cacti/issues/4562",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/Cacti/cacti/issues/4562",
"name" : "https://github.com/Cacti/cacti/issues/4562",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html",
"name" : "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html",
"name" : "[debian-lts-announce] 20220329 [SECURITY] [DLA 2965-1] cacti security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html",
"name" : "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/12/msg00039.html",
"name" : "[debian-lts-announce] 20221231 [SECURITY] [DLA 3252-1] cacti security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/",
"name" : "FEDORA-2022-e619e3d5d0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVOALVZSCBFNOAAZVHTJFSFB7UDSNYQ2/",
"name" : "FEDORA-2022-e619e3d5d0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/",
"name" : "FEDORA-2022-70f5c7ff72",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZH67CCORDEYFG7NL7G6UH47PAV2PU7BA/",
"name" : "FEDORA-2022-70f5c7ff72",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/",
"name" : "FEDORA-2022-6a7e259e15",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZJERS4NYIGJUXEGT6ATUQA4CBYBRDLRA/",
"name" : "FEDORA-2022-6a7e259e15",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5298",
"name" : "DSA-5298",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5298",
"name" : "DSA-5298",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cacti:cacti:1.2.19:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-03T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0731",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-639"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a",
"name" : "https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a",
"name" : "https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8",
"name" : "https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8",
"name" : "https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0732",
"ASSIGNER" : "cert@cert.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-639"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://cwe.mitre.org/data/definitions/284.html",
"name" : "https://cwe.mitre.org/data/definitions/284.html",
"refsource" : "",
"tags" : [ "Not Applicable" ]
}, {
"url" : "https://cwe.mitre.org/data/definitions/284.html",
"name" : "https://cwe.mitre.org/data/definitions/284.html",
"refsource" : "",
"tags" : [ "Not Applicable" ]
}, {
"url" : "https://kb.cert.org/vuls/id/229438",
"name" : "https://kb.cert.org/vuls/id/229438",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://kb.cert.org/vuls/id/229438",
"name" : "https://kb.cert.org/vuls/id/229438",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://techcrunch.com/2022/02/22/stalkerware-network-spilling-data/",
"name" : "https://techcrunch.com/2022/02/22/stalkerware-network-spilling-data/",
"refsource" : "",
"tags" : [ "Press/Media Coverage", "Third Party Advisory" ]
}, {
"url" : "https://techcrunch.com/2022/02/22/stalkerware-network-spilling-data/",
"name" : "https://techcrunch.com/2022/02/22/stalkerware-network-spilling-data/",
"refsource" : "",
"tags" : [ "Press/Media Coverage", "Third Party Advisory" ]
}, {
"url" : "https://www.kb.cert.org/vuls/id/229438",
"name" : "VU#229438",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.kb.cert.org/vuls/id/229438",
"name" : "VU#229438",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:copy9:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:fonetracker:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:ispyoo:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:guestspy:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:thespyapp:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:secondclone:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:the_truth_spy:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:mxspy:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:1byte:exactspy:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-24T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0734",
"ASSIGNER" : "security@zyxel.com.tw"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"name" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"name" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A cross-site scripting vulnerability was identified in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.35 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.35 through 5.20, and VPN series firmware versions 4.35 through 5.20, that could allow an attacker to obtain some information stored in the user's browser, such as cookies or session tokens, via a malicious script."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.20",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.35",
"versionEndIncluding" : "4.70",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-24T03:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0735",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0735.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0735.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0735.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0735.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/353529",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/353529",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/353529",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/353529",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "12.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0736",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mlflow/mlflow/commit/61984e6843d2e59235d82a580c529920cd8f3711",
"name" : "https://github.com/mlflow/mlflow/commit/61984e6843d2e59235d82a580c529920cd8f3711",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mlflow/mlflow/commit/61984e6843d2e59235d82a580c529920cd8f3711",
"name" : "https://github.com/mlflow/mlflow/commit/61984e6843d2e59235d82a580c529920cd8f3711",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e5384764-c583-4dec-a1d8-4697f4e12f75",
"name" : "https://huntr.dev/bounties/e5384764-c583-4dec-a1d8-4697f4e12f75",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e5384764-c583-4dec-a1d8-4697f4e12f75",
"name" : "https://huntr.dev/bounties/e5384764-c583-4dec-a1d8-4697f4e12f75",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.23.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-23T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0737",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a5c9fa61-e6f1-4460-84fe-977a203bd4bc",
"name" : "https://wpscan.com/vulnerability/a5c9fa61-e6f1-4460-84fe-977a203bd4bc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a5c9fa61-e6f1-4460-84fe-977a203bd4bc",
"name" : "https://wpscan.com/vulnerability/a5c9fa61-e6f1-4460-84fe-977a203bd4bc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Text Hover WordPress plugin before 4.2 does not sanitize and escape the text to hover, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:text_hover_project:text_hover:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0738",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-522"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0738.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0738.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0738.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0738.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/27395",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/27395",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/27395",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/27395",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "10.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "10.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0739",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2684789",
"name" : "https://plugins.trac.wordpress.org/changeset/2684789",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2684789",
"name" : "https://plugins.trac.wordpress.org/changeset/2684789",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/388cd42d-b61a-42a4-8604-99b812db2357",
"name" : "https://wpscan.com/vulnerability/388cd42d-b61a-42a4-8604-99b812db2357",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/388cd42d-b61a-42a4-8604-99b812db2357",
"name" : "https://wpscan.com/vulnerability/388cd42d-b61a-42a4-8604-99b812db2357",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:reputeinfosystems:bookingpress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0740",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0740.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0740.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0740.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0740.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349359",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349359",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349359",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349359",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://hackerone.com/reports/1411216",
"name" : "https://hackerone.com/reports/1411216",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1411216",
"name" : "https://hackerone.com/reports/1411216",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incorrect authorization in the Asana integration's branch restriction feature in all versions of GitLab CE/EE starting from version 7.8.0 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 makes it possible to close Asana tasks from unrestricted branches."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "7.8.0",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "7.8.0",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0741",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0741.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0741.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0741.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0741.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/337601",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/337601",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/337601",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/337601",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1286317",
"name" : "https://hackerone.com/reports/1286317",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1286317",
"name" : "https://hackerone.com/reports/1286317",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an attacker to steal environment variables via specially crafted email addresses."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7.0",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7.0",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0742",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-401"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2d3916f3189172d5c69d33065c3c21119fe539fc",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220425-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220425-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220425-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220425-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/03/15/3",
"name" : "https://www.openwall.com/lists/oss-security/2022/03/15/3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.openwall.com/lists/oss-security/2022/03/15/3",
"name" : "https://www.openwall.com/lists/oss-security/2022/03/15/3",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.13",
"versionEndExcluding" : "5.15.27",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.8
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-18T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0743",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/getgrav/grav/commit/3dd0cabeac9835fe64dcb4b68c658b39f1f6be2f",
"name" : "https://github.com/getgrav/grav/commit/3dd0cabeac9835fe64dcb4b68c658b39f1f6be2f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/getgrav/grav/commit/3dd0cabeac9835fe64dcb4b68c658b39f1f6be2f",
"name" : "https://github.com/getgrav/grav/commit/3dd0cabeac9835fe64dcb4b68c658b39f1f6be2f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/32ea4ddb-5b41-4bf9-b5a1-ef455fe2d293",
"name" : "https://huntr.dev/bounties/32ea4ddb-5b41-4bf9-b5a1-ef455fe2d293",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/32ea4ddb-5b41-4bf9-b5a1-ef455fe2d293",
"name" : "https://huntr.dev/bounties/32ea4ddb-5b41-4bf9-b5a1-ef455fe2d293",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.7.31",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.6,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.1,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-28T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0745",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/180f8e87-1463-43bb-a901-80031127723a",
"name" : "https://wpscan.com/vulnerability/180f8e87-1463-43bb-a901-80031127723a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/180f8e87-1463-43bb-a901-80031127723a",
"name" : "https://wpscan.com/vulnerability/180f8e87-1463-43bb-a901-80031127723a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:likebtn:like_button_rating:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.6.45",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-13T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0746",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21",
"name" : "https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21",
"name" : "https://github.com/dolibarr/dolibarr/commit/4973019630d51ad76b7c1a4141ec7a33053a7d21",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd",
"name" : "https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd",
"name" : "https://huntr.dev/bounties/b812ea22-0c02-46fe-b89f-04519dfb1ebd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "16.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-25T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0747",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2684336",
"name" : "https://plugins.trac.wordpress.org/changeset/2684336",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2684336",
"name" : "https://plugins.trac.wordpress.org/changeset/2684336",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a8575322-c2cf-486a-9c37-71a22167aac3",
"name" : "https://wpscan.com/vulnerability/a8575322-c2cf-486a-9c37-71a22167aac3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a8575322-c2cf-486a-9c37-71a22167aac3",
"name" : "https://wpscan.com/vulnerability/a8575322-c2cf-486a-9c37-71a22167aac3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id parameter before using it in a SQL statement via the qcld_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:quantumcloud:infographic_maker:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.3.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0748",
"ASSIGNER" : "report@snyk.io"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://snyk.io/vuln/SNYK-JS-POSTLOADER-2403737",
"name" : "https://snyk.io/vuln/SNYK-JS-POSTLOADER-2403737",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://snyk.io/vuln/SNYK-JS-POSTLOADER-2403737",
"name" : "https://snyk.io/vuln/SNYK-JS-POSTLOADER-2403737",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The package post-loader from 0.0.0 are vulnerable to Arbitrary Code Execution which uses a markdown parser in an unsafe way so that any javascript code inside the markdown input files gets evaluated and executed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:post-loader_project:post-loader:*:*:*:*:*:node.js:*:*",
"versionEndIncluding" : "2.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-17T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0749",
"ASSIGNER" : "report@snyk.io"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-502"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/SinGooCMS/SinGooCMSUtility/blob/master/SinGooCMS.Utility/Net/SocketClient.cs",
"name" : "https://github.com/SinGooCMS/SinGooCMSUtility/blob/master/SinGooCMS.Utility/Net/SocketClient.cs",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/SinGooCMS/SinGooCMSUtility/blob/master/SinGooCMS.Utility/Net/SocketClient.cs",
"name" : "https://github.com/SinGooCMS/SinGooCMSUtility/blob/master/SinGooCMS.Utility/Net/SocketClient.cs",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/SinGooCMS/SinGooCMSUtility/issues/1",
"name" : "https://github.com/SinGooCMS/SinGooCMSUtility/issues/1",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/SinGooCMS/SinGooCMSUtility/issues/1",
"name" : "https://github.com/SinGooCMS/SinGooCMSUtility/issues/1",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://snyk.io/vuln/SNYK-DOTNET-SINGOOCMSUTILITY-2312979",
"name" : "https://snyk.io/vuln/SNYK-DOTNET-SINGOOCMSUTILITY-2312979",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://snyk.io/vuln/SNYK-DOTNET-SINGOOCMSUTILITY-2312979",
"name" : "https://snyk.io/vuln/SNYK-DOTNET-SINGOOCMSUTILITY-2312979",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "This affects all versions of package SinGooCMS.Utility. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:singoo:singoocms.utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-17T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0750",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wordpress.org/plugins/photoswipe-masonry/",
"name" : "https://wordpress.org/plugins/photoswipe-masonry/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://wordpress.org/plugins/photoswipe-masonry/",
"name" : "https://wordpress.org/plugins/photoswipe-masonry/",
"refsource" : "",
"tags" : [ "Product" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/stored-cross-site-scripting-vulnerability-patched-in-a-wordpress-photo-gallery-plugin/",
"name" : "https://www.wordfence.com/blog/2022/02/stored-cross-site-scripting-vulnerability-patched-in-a-wordpress-photo-gallery-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/02/stored-cross-site-scripting-vulnerability-patched-in-a-wordpress-photo-gallery-plugin/",
"name" : "https://www.wordfence.com/blog/2022/02/stored-cross-site-scripting-vulnerability-patched-in-a-wordpress-photo-gallery-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/64624d4c-3ffb-4516-a938-0accde24c79f?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/64624d4c-3ffb-4516-a938-0accde24c79f?source=cve",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/64624d4c-3ffb-4516-a938-0accde24c79f?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/64624d4c-3ffb-4516-a938-0accde24c79f?source=cve",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Photoswipe Masonry Gallery WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the thumbnail_width, thumbnail_height, max_image_width, and max_image_height parameters found in the ~/photoswipe-masonry.php file which allows authenticated attackers to inject arbitrary web scripts into galleries created by the plugin and on the PhotoSwipe Options page. This affects versions up to and including 1.2.14."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:thriveweb:photoswipe_masonry_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0751",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0751.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0751.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0751.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0751.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349382",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349382",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349382",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/349382",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1420660",
"name" : "https://hackerone.com/reports/1420660",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1420660",
"name" : "https://hackerone.com/reports/1420660",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an attacker to create Snippets with misleading content which could trick unsuspecting users into executing arbitrary commands"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.7",
"versionEndExcluding" : "14.7.4",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8",
"versionEndExcluding" : "14.8.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "10.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "10.0",
"versionEndExcluding" : "14.6.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0752",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"name" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"name" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/49940dd2-72c2-4607-857a-1fade7e8f080",
"name" : "https://huntr.dev/bounties/49940dd2-72c2-4607-857a-1fade7e8f080",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/49940dd2-72c2-4607-857a-1fade7e8f080",
"name" : "https://huntr.dev/bounties/49940dd2-72c2-4607-857a-1fade7e8f080",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Generic in GitHub repository hestiacp/hestiacp prior to 1.5.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.5.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-04T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0753",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"name" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"name" : "https://github.com/hestiacp/hestiacp/commit/ee10e2275139684fc9a2d32169d0da702cea5ad2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8ce4b776-1c53-45ec-bc5f-783077e2d324",
"name" : "https://huntr.dev/bounties/8ce4b776-1c53-45ec-bc5f-783077e2d324",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8ce4b776-1c53-45ec-bc5f-783077e2d324",
"name" : "https://huntr.dev/bounties/8ce4b776-1c53-45ec-bc5f-783077e2d324",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.5.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-03T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0754",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"name" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"name" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8afb7991-c6ed-42d9-bd9b-1cc83418df88",
"name" : "https://huntr.dev/bounties/8afb7991-c6ed-42d9-bd9b-1cc83418df88",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8afb7991-c6ed-42d9-bd9b-1cc83418df88",
"name" : "https://huntr.dev/bounties/8afb7991-c6ed-42d9-bd9b-1cc83418df88",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "SQL Injection in GitHub repository salesagility/suitecrm prior to 7.12.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "7.12.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0755",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"name" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"name" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cc767dbc-c676-44c1-a9d1-cd17ae77ee7e",
"name" : "https://huntr.dev/bounties/cc767dbc-c676-44c1-a9d1-cd17ae77ee7e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cc767dbc-c676-44c1-a9d1-cd17ae77ee7e",
"name" : "https://huntr.dev/bounties/cc767dbc-c676-44c1-a9d1-cd17ae77ee7e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "7.12.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0756",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"name" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"name" : "https://github.com/salesagility/suitecrm/commit/e93b269f637de313f45b32c58cef5ec012a34f58",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/55164a63-62e4-4fb6-b4ca-87eca14f6f31",
"name" : "https://huntr.dev/bounties/55164a63-62e4-4fb6-b4ca-87eca14f6f31",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/55164a63-62e4-4fb6-b4ca-87eca14f6f31",
"name" : "https://huntr.dev/bounties/55164a63-62e4-4fb6-b4ca-87eca14f6f31",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "7.12.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0757",
"ASSIGNER" : "cve@rapid7.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://docs.rapid7.com/release-notes/nexpose/20220302/",
"name" : "https://docs.rapid7.com/release-notes/nexpose/20220302/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://docs.rapid7.com/release-notes/nexpose/20220302/",
"name" : "https://docs.rapid7.com/release-notes/nexpose/20220302/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow a logged-in, authenticated attacker to manipulate the \"ANY\" and \"OR\" operators in the SearchCriteria and inject SQL code. This issue was fixed in Rapid7 Nexpose version 6.6.129."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:rapid7:nexpose:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "6.6.93",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-17T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0758",
"ASSIGNER" : "cve@rapid7.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://docs.rapid7.com/release-notes/nexpose/20220309/",
"name" : "https://docs.rapid7.com/release-notes/nexpose/20220309/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://docs.rapid7.com/release-notes/nexpose/20220309/",
"name" : "https://docs.rapid7.com/release-notes/nexpose/20220309/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cross site scripting vulnerability, within the shared scan configuration component of the tool. With this vulnerability an attacker could pass literal values as the test credentials, providing the opportunity for a potential XSS attack. This issue is fixed in Rapid7 Nexpose version 6.6.130."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:rapid7:nexpose:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.6.130",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-17T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0759",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-295"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/ManageIQ/kubeclient/issues/554",
"name" : "https://github.com/ManageIQ/kubeclient/issues/554",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ManageIQ/kubeclient/issues/554",
"name" : "https://github.com/ManageIQ/kubeclient/issues/554",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ManageIQ/kubeclient/issues/555",
"name" : "https://github.com/ManageIQ/kubeclient/issues/555",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ManageIQ/kubeclient/issues/555",
"name" : "https://github.com/ManageIQ/kubeclient/issues/555",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in all versions of kubeclient up to (but not including) v4.9.3, the Ruby client for Kubernetes REST API, in the way it parsed kubeconfig files. When the kubeconfig file does not configure custom CA to verify certs, kubeclient ends up accepting any certificate (it wrongly returns VERIFY_NONE). Ruby applications that leverage kubeclient to parse kubeconfig files are susceptible to Man-in-the-middle attacks (MITM)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:kubeclient:*:*:*:*:*:ruby:*:*",
"versionEndExcluding" : "4.9.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0760",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2684915",
"name" : "https://plugins.trac.wordpress.org/changeset/2684915",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2684915",
"name" : "https://plugins.trac.wordpress.org/changeset/2684915",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1c83ed73-ef02-45c0-a9ab-68a3468d2210",
"name" : "https://wpscan.com/vulnerability/1c83ed73-ef02-45c0-a9ab-68a3468d2210",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1c83ed73-ef02-45c0-a9ab-68a3468d2210",
"name" : "https://wpscan.com/vulnerability/1c83ed73-ef02-45c0-a9ab-68a3468d2210",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:quantumcloud:simple_link_directory:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "7.7.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0762",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/76361264d9fdfff38a1af79c63141455cc4d36e3",
"name" : "https://github.com/microweber/microweber/commit/76361264d9fdfff38a1af79c63141455cc4d36e3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/76361264d9fdfff38a1af79c63141455cc4d36e3",
"name" : "https://github.com/microweber/microweber/commit/76361264d9fdfff38a1af79c63141455cc4d36e3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/125b5244-5099-485e-bf75-e5f1ed80dd48",
"name" : "https://huntr.dev/bounties/125b5244-5099-485e-bf75-e5f1ed80dd48",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/125b5244-5099-485e-bf75-e5f1ed80dd48",
"name" : "https://huntr.dev/bounties/125b5244-5099-485e-bf75-e5f1ed80dd48",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3.\n\n"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-26T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0763",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/c897d0dc159849763a813184d9b75b966c6360bf",
"name" : "https://github.com/microweber/microweber/commit/c897d0dc159849763a813184d9b75b966c6360bf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/c897d0dc159849763a813184d9b75b966c6360bf",
"name" : "https://github.com/microweber/microweber/commit/c897d0dc159849763a813184d9b75b966c6360bf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6de9c621-740d-4d7a-9d77-d90c6c87f3b6",
"name" : "https://huntr.dev/bounties/6de9c621-740d-4d7a-9d77-d90c6c87f3b6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6de9c621-740d-4d7a-9d77-d90c6c87f3b6",
"name" : "https://huntr.dev/bounties/6de9c621-740d-4d7a-9d77-d90c6c87f3b6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-26T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0764",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/strapi/strapi/commit/2a3f5e988be6a2c7dae5ac22b9e86d579b462f4c",
"name" : "https://github.com/strapi/strapi/commit/2a3f5e988be6a2c7dae5ac22b9e86d579b462f4c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/strapi/strapi/commit/2a3f5e988be6a2c7dae5ac22b9e86d579b462f4c",
"name" : "https://github.com/strapi/strapi/commit/2a3f5e988be6a2c7dae5ac22b9e86d579b462f4c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/strapi/strapi/issues/12879",
"name" : "https://github.com/strapi/strapi/issues/12879",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/strapi/strapi/issues/12879",
"name" : "https://github.com/strapi/strapi/issues/12879",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/001d1c29-805a-4035-93bb-71a0e81da3e5",
"name" : "https://huntr.dev/bounties/001d1c29-805a-4035-93bb-71a0e81da3e5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/001d1c29-805a-4035-93bb-71a0e81da3e5",
"name" : "https://huntr.dev/bounties/001d1c29-805a-4035-93bb-71a0e81da3e5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-26T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0765",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/58838f51-323d-41e0-8c85-8e113dc2c587",
"name" : "https://wpscan.com/vulnerability/58838f51-323d-41e0-8c85-8e113dc2c587",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/58838f51-323d-41e0-8c85-8e113dc2c587",
"name" : "https://wpscan.com/vulnerability/58838f51-323d-41e0-8c85-8e113dc2c587",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Loco Translate WordPress plugin before 2.6.1 does not properly remove inline events from elements in the source translation strings before outputting them in the editor in the plugin admin panel, allowing any user with access to the plugin (Translator and Administrator by default) to add arbitrary javascript payloads to the source strings leading to a stored cross-site scripting (XSS) vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:loco_translate_project:loco_translate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.6.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0766",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"name" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"name" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7f2a5bb4-e6c7-4b6a-b8eb-face9e3add7b",
"name" : "https://huntr.dev/bounties/7f2a5bb4-e6c7-4b6a-b8eb-face9e3add7b",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7f2a5bb4-e6c7-4b6a-b8eb-face9e3add7b",
"name" : "https://huntr.dev/bounties/7f2a5bb4-e6c7-4b6a-b8eb-face9e3add7b",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.17",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T07:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0767",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"name" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"name" : "https://github.com/janeczku/calibre-web/commit/965352c8d96c9eae7a6867ff76b0db137d04b0b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b26fc127-9b6a-4be7-a455-58aefbb62d9e",
"name" : "https://huntr.dev/bounties/b26fc127-9b6a-4be7-a455-58aefbb62d9e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b26fc127-9b6a-4be7-a455-58aefbb62d9e",
"name" : "https://huntr.dev/bounties/b26fc127-9b6a-4be7-a455-58aefbb62d9e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.17."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.17",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "HIGH",
"baseScore" : 9.9,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.3
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-07T07:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0768",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/rudloff/alltube/commit/148a171b240e7ceb076b9e198bef412de14ac55d",
"name" : "https://github.com/rudloff/alltube/commit/148a171b240e7ceb076b9e198bef412de14ac55d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/rudloff/alltube/commit/148a171b240e7ceb076b9e198bef412de14ac55d",
"name" : "https://github.com/rudloff/alltube/commit/148a171b240e7ceb076b9e198bef412de14ac55d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9b14cc46-ec08-4940-83cc-9f986b2a5903",
"name" : "https://huntr.dev/bounties/9b14cc46-ec08-4940-83cc-9f986b2a5903",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9b14cc46-ec08-4940-83cc-9f986b2a5903",
"name" : "https://huntr.dev/bounties/9b14cc46-ec08-4940-83cc-9f986b2a5903",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository rudloff/alltube prior to 3.0.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:alltubedownload:alltube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-02-28T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0769",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/05eab45d-ebe9-440f-b9c3-73ec40ef1141",
"name" : "https://wpscan.com/vulnerability/05eab45d-ebe9-440f-b9c3-73ec40ef1141",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/05eab45d-ebe9-440f-b9c3-73ec40ef1141",
"name" : "https://wpscan.com/vulnerability/05eab45d-ebe9-440f-b9c3-73ec40ef1141",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote AJAX action (available to both unauthenticated and authenticated users), leading to an SQL Injection."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:usersultra:users_ultra:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0770",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/49abe79c-ab1c-4dbf-824c-8daaac7e079d",
"name" : "https://wpscan.com/vulnerability/49abe79c-ab1c-4dbf-824c-8daaac7e079d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/49abe79c-ab1c-4dbf-824c-8daaac7e079d",
"name" : "https://wpscan.com/vulnerability/49abe79c-ab1c-4dbf-824c-8daaac7e079d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Translate WordPress with GTranslate WordPress plugin before 2.9.9 does not have CSRF check in some files, and write debug data such as user's cookies in a publicly accessible file if a specific parameter is used when requesting them. Combining those two issues, an attacker could gain access to a logged in admin cookies by making them open a malicious link or page"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gtranslate:translate_wordpress_with_gtranslate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.9.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0771",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/6139e732-88f2-42cb-9dc3-42ad49731e75",
"name" : "https://wpscan.com/vulnerability/6139e732-88f2-42cb-9dc3-42ad49731e75",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6139e732-88f2-42cb-9dc3-42ad49731e75",
"name" : "https://wpscan.com/vulnerability/6139e732-88f2-42cb-9dc3-42ad49731e75",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SiteSuperCharger WordPress plugin before 5.2.0 does not validate, sanitise and escape various user inputs before using them in SQL statements via AJAX actions (available to both unauthenticated and authenticated users), leading to Unauthenticated SQL Injections"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:marketingheroes:sitesupercharger:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0772",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281",
"name" : "https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281",
"name" : "https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09",
"name" : "https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09",
"name" : "https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-02-27T22:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0773",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/55b89de0-30ed-4f98-935e-51f069faf6fc",
"name" : "https://wpscan.com/vulnerability/55b89de0-30ed-4f98-935e-51f069faf6fc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/55b89de0-30ed-4f98-935e-51f069faf6fc",
"name" : "https://wpscan.com/vulnerability/55b89de0-30ed-4f98-935e-51f069faf6fc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Documentor WordPress plugin through 1.5.3 fails to sanitize and escape user input before it is being interpolated in an SQL statement and then executed, leading to an SQL Injection exploitable by unauthenticated users."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:documentor_project:documentor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.5.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0775",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://developer.woocommerce.com/2022/02/22/woocommerce-6-2-1-security-fix/",
"name" : "https://developer.woocommerce.com/2022/02/22/woocommerce-6-2-1-security-fix/",
"refsource" : "",
"tags" : [ "Release Notes" ]
}, {
"url" : "https://developer.woocommerce.com/2022/02/22/woocommerce-6-2-1-security-fix/",
"name" : "https://developer.woocommerce.com/2022/02/22/woocommerce-6-2-1-security-fix/",
"refsource" : "",
"tags" : [ "Release Notes" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2683324",
"name" : "https://plugins.trac.wordpress.org/changeset/2683324",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2683324",
"name" : "https://plugins.trac.wordpress.org/changeset/2683324",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://wpscan.com/vulnerability/b76dbf37-a0a2-48cf-bd85-3ebbc2f394dd/",
"name" : "https://wpscan.com/vulnerability/b76dbf37-a0a2-48cf-bd85-3ebbc2f394dd/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b76dbf37-a0a2-48cf-bd85-3ebbc2f394dd/",
"name" : "https://wpscan.com/vulnerability/b76dbf37-a0a2-48cf-bd85-3ebbc2f394dd/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when deleting reviews, which could allow any authenticated users, such as subscriber to delete arbitrary comment"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:woocommerce:woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
}
},
"publishedDate" : "2024-01-16T16:15Z",
"lastModifiedDate" : "2025-06-11T17:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0776",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hakimel/reveal.js/commit/32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2",
"name" : "https://github.com/hakimel/reveal.js/commit/32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hakimel/reveal.js/commit/32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2",
"name" : "https://github.com/hakimel/reveal.js/commit/32cdd3b1872ba8e2267c9e87ae216cb55f40f4d2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001",
"name" : "https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001",
"name" : "https://huntr.dev/bounties/be2b7ee4-f487-42e1-874a-6bcc410e4001",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - DOM in GitHub repository hakimel/reveal.js prior to 4.3.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:revealjs:reveal.js:*:*:*:*:*:node.js:*:*",
"versionEndExcluding" : "4.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-01T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0777",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-640"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f",
"name" : "https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f",
"name" : "https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7",
"name" : "https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7",
"name" : "https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-01T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0778",
"ASSIGNER" : "openssl-security@openssl.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-835"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html",
"name" : "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html",
"name" : "http://packetstormsecurity.com/files/167344/OpenSSL-1.0.2-1.1.1-3.0-BN_mod_sqrt-Infinite-Loop.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/33",
"name" : "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/33",
"name" : "20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/35",
"name" : "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/35",
"name" : "20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/38",
"name" : "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/May/38",
"name" : "20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-712929.pdf",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65",
"name" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65",
"name" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=3118eb64934499d93db3230748a452351d1d9a65",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83",
"name" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83",
"name" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=380085481c64de749a6dd25cdf0bcf4360b30f83",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246",
"name" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246",
"name" : "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a466912611aa6cbdf550cd10601390e587451246",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html",
"name" : "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html",
"name" : "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html",
"name" : "[debian-lts-announce] 20220317 [SECURITY] [DLA 2953-1] openssl1.0 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/03/msg00024.html",
"name" : "[debian-lts-announce] 20220317 [SECURITY] [DLA 2953-1] openssl1.0 security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/",
"name" : "FEDORA-2022-9e88b5d8d7",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/323SNN6ZX7PRJJWP2BUAFLPUAE42XWLZ/",
"name" : "FEDORA-2022-9e88b5d8d7",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/",
"name" : "FEDORA-2022-a5f51502f0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GDB3GQVJPXJE7X5C5JN6JAA4XUDWD6E6/",
"name" : "FEDORA-2022-a5f51502f0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/",
"name" : "FEDORA-2022-8bb51f6901",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W6K3PR542DXWLEFFMFIDMME4CWMHJRMG/",
"name" : "FEDORA-2022-8bb51f6901",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002",
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002",
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0002",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-02",
"name" : "GLSA-202210-02",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-02",
"name" : "GLSA-202210-02",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220321-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220321-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220321-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220321-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220429-0005/",
"name" : "https://security.netapp.com/advisory/ntap-20220429-0005/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220429-0005/",
"name" : "https://security.netapp.com/advisory/ntap-20220429-0005/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20240621-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20240621-0006/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20240621-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20240621-0006/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://support.apple.com/kb/HT213255",
"name" : "https://support.apple.com/kb/HT213255",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213255",
"name" : "https://support.apple.com/kb/HT213255",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213256",
"name" : "https://support.apple.com/kb/HT213256",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213256",
"name" : "https://support.apple.com/kb/HT213256",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213257",
"name" : "https://support.apple.com/kb/HT213257",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213257",
"name" : "https://support.apple.com/kb/HT213257",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5103",
"name" : "DSA-5103",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5103",
"name" : "DSA-5103",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.openssl.org/news/secadv/20220315.txt",
"name" : "https://www.openssl.org/news/secadv/20220315.txt",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.openssl.org/news/secadv/20220315.txt",
"name" : "https://www.openssl.org/news/secadv/20220315.txt",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"name" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"name" : "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-06",
"name" : "https://www.tenable.com/security/tns-2022-06",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-06",
"name" : "https://www.tenable.com/security/tns-2022-06",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-07",
"name" : "https://www.tenable.com/security/tns-2022-07",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-07",
"name" : "https://www.tenable.com/security/tns-2022-07",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-08",
"name" : "https://www.tenable.com/security/tns-2022-08",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-08",
"name" : "https://www.tenable.com/security/tns-2022-08",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-09",
"name" : "https://www.tenable.com/security/tns-2022-09",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.tenable.com/security/tns-2022-09",
"name" : "https://www.tenable.com/security/tns-2022-09",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self-signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.0.0",
"versionEndExcluding" : "3.0.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.0.2",
"versionEndExcluding" : "1.0.2zd",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.1.0",
"versionEndExcluding" : "1.1.1n",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:cloud_volumes_ontap_mediator:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.0.0",
"versionEndExcluding" : "10.1.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.15.4",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.3.0",
"versionEndExcluding" : "10.3.33",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.4.0",
"versionEndExcluding" : "10.4.23",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.5.0",
"versionEndExcluding" : "10.5.14",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.7.0",
"versionEndExcluding" : "10.7.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.6.0",
"versionEndExcluding" : "10.6.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "10.2.0",
"versionEndExcluding" : "10.2.42",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding" : "12.0.0",
"versionEndIncluding" : "12.12.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartExcluding" : "17.0.0",
"versionEndExcluding" : "17.7.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"versionStartIncluding" : "16.13.0",
"versionEndExcluding" : "16.14.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"versionStartIncluding" : "14.15.0",
"versionEndExcluding" : "14.19.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
"versionStartIncluding" : "12.13.0",
"versionEndExcluding" : "12.22.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartExcluding" : "16.0.0",
"versionEndIncluding" : "16.12.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartExcluding" : "14.0.0",
"versionEndIncluding" : "14.14.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-15T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0779",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9d4a3f09-b011-4d87-ab63-332e505cf1cd",
"name" : "https://wpscan.com/vulnerability/9d4a3f09-b011-4d87-ab63-332e505cf1cd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9d4a3f09-b011-4d87-ab63-332e505cf1cd",
"name" : "https://wpscan.com/vulnerability/9d4a3f09-b011-4d87-ab63-332e505cf1cd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-08T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0780",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0ee7d1a8-9782-4db5-b055-e732f2763825",
"name" : "https://wpscan.com/vulnerability/0ee7d1a8-9782-4db5-b055-e732f2763825",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0ee7d1a8-9782-4db5-b055-e732f2763825",
"name" : "https://wpscan.com/vulnerability/0ee7d1a8-9782-4db5-b055-e732f2763825",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SearchIQ WordPress plugin before 3.9 contains a flag to disable the verification of CSRF nonces, granting unauthenticated attackers access to the siq_ajax AJAX action and allowing them to perform Cross-Site Scripting attacks due to the lack of sanitisation and escaping in the customCss parameter"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:searchiq:searchiq:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0781",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/1a8f9c7b-a422-4f45-a516-c3c14eb05161",
"name" : "https://wpscan.com/vulnerability/1a8f9c7b-a422-4f45-a516-c3c14eb05161",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1a8f9c7b-a422-4f45-a516-c3c14eb05161",
"name" : "https://wpscan.com/vulnerability/1a8f9c7b-a422-4f45-a516-c3c14eb05161",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nirweb:nirweb_support:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.8.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-23T08:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0782",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b81e824c-d2b1-4381-abee-18c42bb5c2f5",
"name" : "https://wpscan.com/vulnerability/b81e824c-d2b1-4381-abee-18c42bb5c2f5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b81e824c-d2b1-4381-abee-18c42bb5c2f5",
"name" : "https://wpscan.com/vulnerability/b81e824c-d2b1-4381-abee-18c42bb5c2f5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Donations WordPress plugin through 1.8 does not sanitise and escape the nd_donations_id parameter before using it in a SQL statement via the nd_donations_single_cause_form_validate_fields_php_function AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:donations_project:donations:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0783",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4d594424-8048-482d-b61c-45be1e97a8ba",
"name" : "https://wpscan.com/vulnerability/4d594424-8048-482d-b61c-45be1e97a8ba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4d594424-8048-482d-b61c-45be1e97a8ba",
"name" : "https://wpscan.com/vulnerability/4d594424-8048-482d-b61c-45be1e97a8ba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Multiple Shipping Address Woocommerce WordPress plugin before 2.0 does not properly sanitise and escape numerous parameters before using them in SQL statements via some AJAX actions available to unauthenticated users, leading to unauthenticated SQL injections"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:themehigh:multiple_shipping_addresses_for_woocommerce:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0784",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f",
"name" : "https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f",
"name" : "https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:title_experiments_free_project:title_experiments_free:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "9.0.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0785",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255",
"name" : "https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255",
"name" : "https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Daily Prayer Time WordPress plugin before 2022.03.01 does not sanitise and escape the month parameter before using it in a SQL statement via the get_monthly_timetable AJAX action (available to unauthenticated users), leading to an unauthenticated SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2022.03.01",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0786",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30",
"name" : "https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30",
"name" : "https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The KiviCare WordPress plugin before 2.3.9 does not sanitise and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route, leading to SQL Injections exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:iqonic:kivicare:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.3.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-13T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0787",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/69329a8a-2cbe-4f99-a367-b152bd85b3dd",
"name" : "https://wpscan.com/vulnerability/69329a8a-2cbe-4f99-a367-b152bd85b3dd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/69329a8a-2cbe-4f99-a367-b152bd85b3dd",
"name" : "https://wpscan.com/vulnerability/69329a8a-2cbe-4f99-a367-b152bd85b3dd",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Limit Login Attempts (Spam Protection) WordPress plugin before 5.1 does not sanitise and escape some parameters before using them in SQL statements via AJAX actions (available to unauthenticated users), leading to SQL Injections"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:limit_login_attempts_project:limit_login_attempts:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0788",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828",
"name" : "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828",
"name" : "https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Fundraising Donation and Crowdfunding Platform WordPress plugin before 1.5.0 does not sanitise and escape a parameter before using it in a SQL statement via one of it's REST route, leading to an SQL injection exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpmet:fundengine:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-08T10:15Z",
"lastModifiedDate" : "2024-12-05T17:12Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0789",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1289383",
"name" : "https://crbug.com/1289383",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1289383",
"name" : "https://crbug.com/1289383",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0790",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274077",
"name" : "https://crbug.com/1274077",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1274077",
"name" : "https://crbug.com/1274077",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially perform a sandbox escape via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0791",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278322",
"name" : "https://crbug.com/1278322",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1278322",
"name" : "https://crbug.com/1278322",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Omnibox in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via user interactions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0792",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1285885",
"name" : "https://crbug.com/1285885",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1285885",
"name" : "https://crbug.com/1285885",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out of bounds read in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0793",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1291728",
"name" : "https://crbug.com/1291728",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1291728",
"name" : "https://crbug.com/1291728",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Cast in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension and engage in specific user interaction to potentially exploit heap corruption via a crafted Chrome Extension."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0794",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1294097",
"name" : "https://crbug.com/1294097",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1294097",
"name" : "https://crbug.com/1294097",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in WebShare in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0795",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-843"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282782",
"name" : "https://crbug.com/1282782",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1282782",
"name" : "https://crbug.com/1282782",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Type confusion in Blink Layout in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0796",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1295786",
"name" : "https://crbug.com/1295786",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1295786",
"name" : "https://crbug.com/1295786",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0797",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281908",
"name" : "https://crbug.com/1281908",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1281908",
"name" : "https://crbug.com/1281908",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0798",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283402",
"name" : "https://crbug.com/1283402",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283402",
"name" : "https://crbug.com/1283402",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0799",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-59"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1279188",
"name" : "https://crbug.com/1279188",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1279188",
"name" : "https://crbug.com/1279188",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0800",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1242962",
"name" : "https://crbug.com/1242962",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1242962",
"name" : "https://crbug.com/1242962",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in Cast UI in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0801",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1231037",
"name" : "https://crbug.com/1231037",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1231037",
"name" : "https://crbug.com/1231037",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in HTML parser in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass XSS preventions via a crafted HTML page. (Chrome security severity: Medium)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2023-01-02T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0802",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270052",
"name" : "https://crbug.com/1270052",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1270052",
"name" : "https://crbug.com/1270052",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0803",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1280233",
"name" : "https://crbug.com/1280233",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1280233",
"name" : "https://crbug.com/1280233",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Permissions in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to tamper with the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0804",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1264561",
"name" : "https://crbug.com/1264561",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1264561",
"name" : "https://crbug.com/1264561",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 99.0.4844.51 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0805",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1290700",
"name" : "https://crbug.com/1290700",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1290700",
"name" : "https://crbug.com/1290700",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Browser Switcher in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via user interaction."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0806",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283434",
"name" : "https://crbug.com/1283434",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1283434",
"name" : "https://crbug.com/1283434",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in screen sharing to potentially leak cross-origin data via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0807",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1287364",
"name" : "https://crbug.com/1287364",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1287364",
"name" : "https://crbug.com/1287364",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Inappropriate implementation in Autofill in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0808",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1292271",
"name" : "https://crbug.com/1292271",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1292271",
"name" : "https://crbug.com/1292271",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Chrome OS Shell in Google Chrome on Chrome OS prior to 99.0.4844.51 allowed a remote attacker who convinced a user to engage in a series of user interaction to potentially exploit heap corruption via user interactions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0809",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1293428",
"name" : "https://crbug.com/1293428",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1293428",
"name" : "https://crbug.com/1293428",
"refsource" : "",
"tags" : [ "Issue Tracking", "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out of bounds memory access in WebXR in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.51",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-05T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0811",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-94"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2059475",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2059475",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2059475",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2059475",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7",
"name" : "https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7",
"name" : "https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.23.0",
"versionEndExcluding" : "1.23.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.22.0",
"versionEndExcluding" : "1.22.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.21.0",
"versionEndExcluding" : "1.21.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.20.0",
"versionEndExcluding" : "1.20.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "1.19.0",
"versionEndExcluding" : "1.19.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0812",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0812",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0812",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0812",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0812",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058361",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058361",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058361",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058361",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058955",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058955",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058955",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2058955",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=912288442cb2f431bf3c8cb097a5de83bc6dbac1",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20230427-0011/",
"name" : "https://security.netapp.com/advisory/ntap-20230427-0011/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20230427-0011/",
"name" : "https://security.netapp.com/advisory/ntap-20230427-0011/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://ubuntu.com/security/CVE-2022-0812",
"name" : "https://ubuntu.com/security/CVE-2022-0812",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://ubuntu.com/security/CVE-2022-0812",
"name" : "https://ubuntu.com/security/CVE-2022-0812",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An information leak flaw was found in NFS over RDMA in the net/sunrpc/xprtrdma/rpc_rdma.c in the Linux Kernel. This flaw allows an attacker with normal user privileges to leak kernel information."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.8.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.8.0:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.8.0:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.8.0:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.8.0:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.8.0:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0813",
"ASSIGNER" : "cve-coordination@incibe.es"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://security.gentoo.org/glsa/202311-17",
"name" : "GLSA-202311-17",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202311-17",
"name" : "GLSA-202311-17",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information",
"name" : "https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information",
"name" : "https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/",
"name" : "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/",
"name" : "https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "5.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0814",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269",
"name" : "https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269",
"name" : "https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ubigeo de Perú para Woocommerce WordPress plugin before 3.6.4 does not properly sanitise and escape some parameters before using them in SQL statements via various AJAX actions, some of which are available to unauthenticated users, leading to SQL Injections"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ubigeo_de_peru_para_woocommerce_project:ubigeo_de_peru_para_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.6.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0815",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-668"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://service.mcafee.com/?articleId=TS103273&page=shell&shell=article-view",
"name" : "https://service.mcafee.com/?articleId=TS103273&page=shell&shell=article-view",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://service.mcafee.com/?articleId=TS103273&page=shell&shell=article-view",
"name" : "https://service.mcafee.com/?articleId=TS103273&page=shell&shell=article-view",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed, fingerprinting of the system leading to targeted scams, and not triggering the malicious software if McAfee software is detected."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:webadvisor:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "8.1.0.1895",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "LOW",
"baseScore" : 7.3,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0817",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/69263610-f454-4f27-80af-be523d25659e",
"name" : "https://wpscan.com/vulnerability/69263610-f454-4f27-80af-be523d25659e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/69263610-f454-4f27-80af-be523d25659e",
"name" : "https://wpscan.com/vulnerability/69263610-f454-4f27-80af-be523d25659e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The BadgeOS WordPress plugin through 3.7.0 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:badgeos:badgeos:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.7.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0818",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c43fabb4-b388-462c-adc4-c6b25af7043b",
"name" : "https://wpscan.com/vulnerability/c43fabb4-b388-462c-adc4-c6b25af7043b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c43fabb4-b388-462c-adc4-c6b25af7043b",
"name" : "https://wpscan.com/vulnerability/c43fabb4-b388-462c-adc4-c6b25af7043b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WooCommerce Affiliate Plugin WordPress plugin before 4.16.4.5 does not have authorization and CSRF checks on a specific action handler, as well as does not sanitize its settings, which enables an unauthenticated attacker to inject malicious XSS payloads into the settings page of the plugin."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:yithemes:woocommerce_affiliate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.16.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0819",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075",
"name" : "https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075",
"name" : "https://github.com/dolibarr/dolibarr/commit/2a48dd349e7de0d4a38e448b0d2ecbe25e968075",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5",
"name" : "https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5",
"name" : "https://huntr.dev/bounties/b03d4415-d4f9-48c8-9ae2-d3aa248027b5",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Code Injection in GitHub repository dolibarr/dolibarr prior to 15.0.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "15.0.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0820",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"name" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"name" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d00e7175-4764-4962-ae0d-a66501dda2e6",
"name" : "https://huntr.dev/bounties/d00e7175-4764-4962-ae0d-a66501dda2e6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d00e7175-4764-4962-ae0d-a66501dda2e6",
"name" : "https://huntr.dev/bounties/d00e7175-4764-4962-ae0d-a66501dda2e6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:orchardcore:orchardcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0821",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"name" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"name" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0019eb1c-8bf9-4bd0-a27f-aadc173515cb",
"name" : "https://huntr.dev/bounties/0019eb1c-8bf9-4bd0-a27f-aadc173515cb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/0019eb1c-8bf9-4bd0-a27f-aadc173515cb",
"name" : "https://huntr.dev/bounties/0019eb1c-8bf9-4bd0-a27f-aadc173515cb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:orchardcore:orchardcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T00:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0822",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"name" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"name" : "https://github.com/orchardcms/orchardcore/commit/b7096af1028d8f909f63dd076d1bbd573913a92d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/06971613-b6ab-4b96-8aa6-4982bfcfeb73",
"name" : "https://huntr.dev/bounties/06971613-b6ab-4b96-8aa6-4982bfcfeb73",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/06971613-b6ab-4b96-8aa6-4982bfcfeb73",
"name" : "https://huntr.dev/bounties/06971613-b6ab-4b96-8aa6-4982bfcfeb73",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:orchardcore:orchardcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0823",
"ASSIGNER" : "security@zyxel.com.tw"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml",
"name" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml",
"name" : "https://www.zyxel.com/support/Zyxel-security-advisory-for-password-guessing-vulnerability-of-GS1200-series-switches.shtml",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:gs1200-5_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.00\\(abkm.1\\)",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:gs1200-5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:gs1200-5hp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.00\\(abkn.1\\)",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:gs1200-5hp:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:gs1200-8_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.00\\(abme.1\\)",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:gs1200-8:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:gs1200-8hp_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.00\\(abmf.1\\)",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:gs1200-8hp:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.2,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.5,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-09T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0824",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166240/Webmin-1.984-Remote-Code-Execution.html",
"name" : "http://packetstormsecurity.com/files/166240/Webmin-1.984-Remote-Code-Execution.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166240/Webmin-1.984-Remote-Code-Execution.html",
"name" : "http://packetstormsecurity.com/files/166240/Webmin-1.984-Remote-Code-Execution.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/169700/Webmin-1.984-File-Manager-Remote-Code-Execution.html",
"name" : "http://packetstormsecurity.com/files/169700/Webmin-1.984-File-Manager-Remote-Code-Execution.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/169700/Webmin-1.984-File-Manager-Remote-Code-Execution.html",
"name" : "http://packetstormsecurity.com/files/169700/Webmin-1.984-File-Manager-Remote-Code-Execution.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://github.com/webmin/webmin/commit/39ea464f0c40b325decd6a5bfb7833fa4a142e38",
"name" : "https://github.com/webmin/webmin/commit/39ea464f0c40b325decd6a5bfb7833fa4a142e38",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/webmin/webmin/commit/39ea464f0c40b325decd6a5bfb7833fa4a142e38",
"name" : "https://github.com/webmin/webmin/commit/39ea464f0c40b325decd6a5bfb7833fa4a142e38",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295",
"name" : "https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295",
"name" : "https://huntr.dev/bounties/d0049a96-de90-4b1a-9111-94de1044f295",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"name" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"name" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.990",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-02T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0825",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2693545",
"name" : "https://plugins.trac.wordpress.org/changeset/2693545",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2693545",
"name" : "https://plugins.trac.wordpress.org/changeset/2693545",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1a92a65f-e9df-41b5-9a1c-8e24ee9bf50e",
"name" : "https://wpscan.com/vulnerability/1a92a65f-e9df-41b5-9a1c-8e24ee9bf50e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1a92a65f-e9df-41b5-9a1c-8e24ee9bf50e",
"name" : "https://wpscan.com/vulnerability/1a92a65f-e9df-41b5-9a1c-8e24ee9bf50e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing appointments, allowing any customer to update other's booking status, as well as retrieve sensitive information about the bookings, such as the full name and phone number of the person who booked it."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.49",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0826",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5",
"name" : "https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5",
"name" : "https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp-video-gallery-free_project:wp-video-gallery-free:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0827",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0d208ebc-7805-457b-aa5f-ffd5adb2f3be",
"name" : "https://wpscan.com/vulnerability/0d208ebc-7805-457b-aa5f-ffd5adb2f3be",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0d208ebc-7805-457b-aa5f-ffd5adb2f3be",
"name" : "https://wpscan.com/vulnerability/0d208ebc-7805-457b-aa5f-ffd5adb2f3be",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:presspage:bestbooks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.6.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-13T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0828",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-338"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb",
"name" : "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb",
"name" : "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:w3eden:download_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.2.34",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2025-03-21T16:07Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0829",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/webmin/webmin/commit/eeeea3c097f5cc473770119f7ac61f1dcfa671b9",
"name" : "https://github.com/webmin/webmin/commit/eeeea3c097f5cc473770119f7ac61f1dcfa671b9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/webmin/webmin/commit/eeeea3c097f5cc473770119f7ac61f1dcfa671b9",
"name" : "https://github.com/webmin/webmin/commit/eeeea3c097f5cc473770119f7ac61f1dcfa671b9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e",
"name" : "https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e",
"name" : "https://huntr.dev/bounties/f2d0389f-d7d1-4f34-9f9d-268b0a0da05e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"name" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"name" : "https://notes.netbytesec.com/2022/03/webmin-broken-access-control-to-post-auth-rce.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Authorization in GitHub repository webmin/webmin prior to 1.990."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.990",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-02T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0830",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/114c0202-39f8-4748-ac0d-013d2d6f02f7",
"name" : "https://wpscan.com/vulnerability/114c0202-39f8-4748-ac0d-013d2d6f02f7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/114c0202-39f8-4748-ac0d-013d2d6f02f7",
"name" : "https://wpscan.com/vulnerability/114c0202-39f8-4748-ac0d-013d2d6f02f7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The FormBuilder WordPress plugin through 1.08 does not have CSRF checks in place when creating/updating and deleting forms, and does not sanitise as well as escape its form field values. As a result, attackers could make logged in admin update and delete arbitrary forms via a CSRF attack, and put Cross-Site Scripting payloads in them."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:formbuilder_project:formbuilder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.08",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0831",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/e786fd44aac46febdbf916ed6c328fbe645d80bf",
"name" : "https://github.com/pimcore/pimcore/commit/e786fd44aac46febdbf916ed6c328fbe645d80bf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/e786fd44aac46febdbf916ed6c328fbe645d80bf",
"name" : "https://github.com/pimcore/pimcore/commit/e786fd44aac46febdbf916ed6c328fbe645d80bf",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4152e3a7-27a1-49eb-a6eb-a57506af104f",
"name" : "https://huntr.dev/bounties/4152e3a7-27a1-49eb-a6eb-a57506af104f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4152e3a7-27a1-49eb-a6eb-a57506af104f",
"name" : "https://huntr.dev/bounties/4152e3a7-27a1-49eb-a6eb-a57506af104f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.3.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-04T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0832",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/8ab06bfbb5a05a1b190731d9c7476ec45f5ee878",
"name" : "https://github.com/pimcore/pimcore/commit/8ab06bfbb5a05a1b190731d9c7476ec45f5ee878",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/8ab06bfbb5a05a1b190731d9c7476ec45f5ee878",
"name" : "https://github.com/pimcore/pimcore/commit/8ab06bfbb5a05a1b190731d9c7476ec45f5ee878",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/be450b60-bc8f-4585-96a5-3c4069f1186a",
"name" : "https://huntr.dev/bounties/be450b60-bc8f-4585-96a5-3c4069f1186a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/be450b60-bc8f-4585-96a5-3c4069f1186a",
"name" : "https://huntr.dev/bounties/be450b60-bc8f-4585-96a5-3c4069f1186a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.3.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "10.3.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-04T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0833",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b2c7c1e8-d72c-4b1e-b5cb-dc2a6538965d",
"name" : "https://wpscan.com/vulnerability/b2c7c1e8-d72c-4b1e-b5cb-dc2a6538965d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b2c7c1e8-d72c-4b1e-b5cb-dc2a6538965d",
"name" : "https://wpscan.com/vulnerability/b2c7c1e8-d72c-4b1e-b5cb-dc2a6538965d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Church Admin WordPress plugin before 3.4.135 does not have authorisation and CSRF in some of its action as well as requested files, allowing unauthenticated attackers to repeatedly request the \"refresh-backup\" action, and simultaneously keep requesting a publicly accessible temporary file generated by the plugin in order to disclose the final backup filename, which can then be fetched by the attacker to download the backup of the plugin's DB data"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:church_admin_project:church_admin:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.4.135",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0834",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/73f12f22-c0a4-4010-9634-ce7308254028?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/73f12f22-c0a4-4010-9634-ce7308254028?source=cve",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/73f12f22-c0a4-4010-9634-ce7308254028?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/73f12f22-c0a4-4010-9634-ce7308254028?source=cve",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0834",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0834",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0834",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0834",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the lastName parameter found in the ~/src/Application/Controller/User/Customer/AddCustomerController.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user accesses the booking calendar with the date the attacker has injected the malicious payload into. This affects versions up to and including 1.0.46."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpamelia:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.0.46",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0835",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-312"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf",
"name" : "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf",
"name" : "https://www.aveva.com/content/dam/aveva/documents/support/cyber-security-updates/SecurityBulletin_AVEVA-2021-007.pdf",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-067-02",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aveva:system_platform:2020:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aveva:system_platform:2020:r2s:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aveva:system_platform:2020:r2_patch01:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 1.9
},
"severity" : "LOW",
"exploitabilityScore" : 3.4,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0836",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/2a226ae8-7d9c-4f47-90af-8a399a08f03f",
"name" : "https://wpscan.com/vulnerability/2a226ae8-7d9c-4f47-90af-8a399a08f03f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/2a226ae8-7d9c-4f47-90af-8a399a08f03f",
"name" : "https://wpscan.com/vulnerability/2a226ae8-7d9c-4f47-90af-8a399a08f03f",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SEMA API WordPress plugin before 4.02 does not properly sanitise and escape some parameters before using them in SQL statements via an AJAX action, leading to SQL Injections exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:semadatacoop:sema_api:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.02",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0837",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a",
"name" : "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a",
"name" : "https://wpscan.com/vulnerability/0882e5c0-f319-4994-9346-aa18438fda6a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia SMS service, allowing any customer to send paid test SMS notification as well as retrieve sensitive information about the admin, such as the email, account balance and payment history. A malicious actor can abuse this vulnerability to drain out the account balance by keep sending SMS notification."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.48",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0838",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hestiacp/hestiacp/commit/640f822d306ffb3eddf8ce2f46de75d7344283c1",
"name" : "https://github.com/hestiacp/hestiacp/commit/640f822d306ffb3eddf8ce2f46de75d7344283c1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hestiacp/hestiacp/commit/640f822d306ffb3eddf8ce2f46de75d7344283c1",
"name" : "https://github.com/hestiacp/hestiacp/commit/640f822d306ffb3eddf8ce2f46de75d7344283c1",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bd2fb1f1-cc8b-4ef7-8e2b-4ca686d8d614",
"name" : "https://huntr.dev/bounties/bd2fb1f1-cc8b-4ef7-8e2b-4ca686d8d614",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/bd2fb1f1-cc8b-4ef7-8e2b-4ca686d8d614",
"name" : "https://huntr.dev/bounties/bd2fb1f1-cc8b-4ef7-8e2b-4ca686d8d614",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.5.10."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.5.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-04T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0839",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381",
"name" : "https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381",
"name" : "https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381",
"refsource" : "",
"tags" : [ "Patch" ]
}, {
"url" : "https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70",
"name" : "https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70",
"name" : "https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Restriction of XML External Entity Reference in GitHub repository liquibase/liquibase prior to 4.8.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:liquibase:liquibase:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.8.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:sqlcl:19c:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-04T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0840",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9da884a9-b4dd-4de0-9afa-722f772cf2df",
"name" : "https://wpscan.com/vulnerability/9da884a9-b4dd-4de0-9afa-722f772cf2df",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9da884a9-b4dd-4de0-9afa-722f772cf2df",
"name" : "https://wpscan.com/vulnerability/9da884a9-b4dd-4de0-9afa-722f772cf2df",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cybernetikz:easy_social_icons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0841",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-78"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8",
"name" : "https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8",
"name" : "https://github.com/ljharb/npm-lockfile/commit/bfdb84813260f0edbf759f2fde1e8c816c1478b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1",
"name" : "https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1",
"name" : "https://huntr.dev/bounties/4f806dc9-2ecd-4e79-997e-5292f1bea9f1",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "OS Command Injection in GitHub repository ljharb/npm-lockfile in v2.0.3 and v2.0.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:npm-lockfile_project:npm-lockfile:2.0.3:*:*:*:*:node.js:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:npm-lockfile_project:npm-lockfile:2.0.4:*:*:*:*:node.js:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-03T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0842",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A blind SQL injection vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote authenticated attacker to potentially obtain information from the ePO database. The data obtained is dependent on the privileges the attacker has and to obtain sensitive data the attacker would require administrator privileges."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.10.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_11:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_12:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0843",
"ASSIGNER" : "security@mozilla.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508",
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508",
"name" : "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1746523%2C1749062%2C1749164%2C1749214%2C1749610%2C1750032%2C1752100%2C1752405%2C1753612%2C1754508",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-10/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-10/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-10/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-10/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "97.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-12-22T20:15Z",
"lastModifiedDate" : "2025-04-16T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0844",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-09-06T18:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0845",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-94"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pytorchlightning/pytorch-lightning/commit/8b7a12c52e52a06408e9231647839ddb4665e8ae",
"name" : "https://github.com/pytorchlightning/pytorch-lightning/commit/8b7a12c52e52a06408e9231647839ddb4665e8ae",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pytorchlightning/pytorch-lightning/commit/8b7a12c52e52a06408e9231647839ddb4665e8ae",
"name" : "https://github.com/pytorchlightning/pytorch-lightning/commit/8b7a12c52e52a06408e9231647839ddb4665e8ae",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a795bf93-c91e-4c79-aae8-f7d8bda92e2a",
"name" : "https://huntr.dev/bounties/a795bf93-c91e-4c79-aae8-f7d8bda92e2a",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a795bf93-c91e-4c79-aae8-f7d8bda92e2a",
"name" : "https://huntr.dev/bounties/a795bf93-c91e-4c79-aae8-f7d8bda92e2a",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Code Injection in GitHub repository pytorchlightning/pytorch-lightning prior to 1.6.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lightningai:pytorch_lightning:*:*:*:*:*:python:*:*",
"versionEndExcluding" : "1.6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-05T22:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0846",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/b030296d-688e-44a4-a48a-140375f2c5f4",
"name" : "https://wpscan.com/vulnerability/b030296d-688e-44a4-a48a-140375f2c5f4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/b030296d-688e-44a4-a48a-140375f2c5f4",
"name" : "https://wpscan.com/vulnerability/b030296d-688e-44a4-a48a-140375f2c5f4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SpeakOut! Email Petitions WordPress plugin before 2.14.15.1 does not sanitise and escape the id parameter before using it in a SQL statement via the dk_speakout_sendmail AJAX action, leading to an SQL Injection exploitable by unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:speakout\\!_email_petitions_project:speakout\\!_email_petitions:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.14.15.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-28T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0847",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-665"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html",
"name" : "http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060795",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060795",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://dirtypipe.cm4all.com/",
"name" : "https://dirtypipe.cm4all.com/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015",
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220325-0005/",
"name" : "https://security.netapp.com/advisory/ntap-20220325-0005/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.suse.com/support/kb/doc/?id=000020603",
"name" : "https://www.suse.com/support/kb/doc/?id=000020603",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/166229/Dirty-Pipe-Linux-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.suse.com/support/kb/doc/?id=000020603",
"name" : "https://www.suse.com/support/kb/doc/?id=000020603",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220325-0005/",
"name" : "https://security.netapp.com/advisory/ntap-20220325-0005/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015",
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0015",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://dirtypipe.cm4all.com/",
"name" : "https://dirtypipe.cm4all.com/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf",
"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-222547.pdf",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060795",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060795",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html",
"name" : "http://packetstormsecurity.com/files/176534/Linux-4.20-KTLS-Read-Only-Write.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/166258/Dirty-Pipe-Local-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/166230/Dirty-Pipe-SUID-Binary-Hijack-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the way the \"flags\" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.11",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.15",
"versionEndExcluding" : "5.15.25",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.8",
"versionEndExcluding" : "5.10.102",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ovirt:ovirt-engine:4.4.10.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:sonicwall:sma1000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "12.4.2-02044",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:sonicwall:sma1000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2025-07-30T19:10Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0848",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-78"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166217/part-db-0.5.11-Remote-Code-Execution.html",
"name" : "http://packetstormsecurity.com/files/166217/part-db-0.5.11-Remote-Code-Execution.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166217/part-db-0.5.11-Remote-Code-Execution.html",
"name" : "http://packetstormsecurity.com/files/166217/part-db-0.5.11-Remote-Code-Execution.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://github.com/part-db/part-db/commit/9cd4eee393028aa4cab70fcbac284b0028c0bc95",
"name" : "https://github.com/part-db/part-db/commit/9cd4eee393028aa4cab70fcbac284b0028c0bc95",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/part-db/part-db/commit/9cd4eee393028aa4cab70fcbac284b0028c0bc95",
"name" : "https://github.com/part-db/part-db/commit/9cd4eee393028aa4cab70fcbac284b0028c0bc95",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3e91685f-cfb9-4ee4-abaf-9b712a8fd5a6",
"name" : "https://huntr.dev/bounties/3e91685f-cfb9-4ee4-abaf-9b712a8fd5a6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3e91685f-cfb9-4ee4-abaf-9b712a8fd5a6",
"name" : "https://huntr.dev/bounties/3e91685f-cfb9-4ee4-abaf-9b712a8fd5a6",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:part-db_project:part-db:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.5.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-04T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0849",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/10517e3ff0e609697eb8cde60ec8dc999ee5ea24",
"name" : "https://github.com/radareorg/radare2/commit/10517e3ff0e609697eb8cde60ec8dc999ee5ea24",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/10517e3ff0e609697eb8cde60ec8dc999ee5ea24",
"name" : "https://github.com/radareorg/radare2/commit/10517e3ff0e609697eb8cde60ec8dc999ee5ea24",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/29c5f76e-5f1f-43ab-a0c8-e31951e407b6",
"name" : "https://huntr.dev/bounties/29c5f76e-5f1f-43ab-a0c8-e31951e407b6",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/29c5f76e-5f1f-43ab-a0c8-e31951e407b6",
"name" : "https://huntr.dev/bounties/29c5f76e-5f1f-43ab-a0c8-e31951e407b6",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-05T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0850",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0850",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0850",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0850",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0850",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060606",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060606",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060606",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060606",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce3aba43599f0b50adbebff133df8d08a3d5fffe",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"name" : "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"name" : "https://syzkaller.appspot.com/bug?id=78e9ad0e6952a3ca16e8234724b2fa92d041b9b8",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.5",
"versionEndExcluding" : "4.9.276",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.10",
"versionEndExcluding" : "4.14.240",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.15",
"versionEndExcluding" : "4.19.198",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.13",
"versionEndExcluding" : "5.13.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.12.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "5.4.132",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.5.0",
"versionEndExcluding" : "5.10.50",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.4.276",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.2
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0851",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0851",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0851",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0851",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0851",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060217",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060217",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060217",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060217",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line via e.g. htop or ps. The specific impact varies upon the subscription, but generally this would allow an attacker to register systems purchased by the victim until discovered; a form of fraud. This could occur regardless of how the activation key is supplied to convert2rhel because it involves how convert2rhel provides it to subscription-manager."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:convert2rhel_project:convert2rhel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0852",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0852",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0852",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0852",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0852",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060129",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060129",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060129",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060129",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4",
"name" : "https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4",
"name" : "https://github.com/oamg/convert2rhel/commit/8d72fb030ed31116fdb256b327d299337b000af4",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/oamg/convert2rhel/pull/492",
"name" : "https://github.com/oamg/convert2rhel/pull/492",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/oamg/convert2rhel/pull/492",
"name" : "https://github.com/oamg/convert2rhel/pull/492",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://issues.redhat.com/browse/RHELC-432",
"name" : "https://issues.redhat.com/browse/RHELC-432",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://issues.redhat.com/browse/RHELC-432",
"name" : "https://issues.redhat.com/browse/RHELC-432",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "There is a flaw in convert2rhel. convert2rhel passes the Red Hat account password to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the password via the process command line via e.g. htop or ps. The specific impact varies upon the privileges of the Red Hat account in question, but it could affect the integrity, availability, and/or data confidentiality of other systems that are administered by that account. This occurs regardless of how the password is supplied to convert2rhel."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:convert2rhel_project:convert2rhel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.26",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0853",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-401"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060725",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060725",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060725",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060725",
"refsource" : "",
"tags" : [ "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/CVE-2022-0853",
"name" : "https://github.com/ByteHackr/CVE-2022-0853",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/CVE-2022-0853",
"name" : "https://github.com/ByteHackr/CVE-2022-0853",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in JBoss-client. The vulnerability occurs due to a memory leak on the JBoss client-side, when using UserTransaction repeatedly and leads to information leakage vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:descision_manager:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:jboss_enterprise_application_platform_expansion_pack:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0854",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-401"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
"name" : "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
"name" : "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5161",
"name" : "DSA-5161",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5161",
"name" : "DSA-5161",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "5.16",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0855",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-706"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber-dev/whmcs_plugin/commit/2e7a11d332db79cc52ccda00455a15f4dc6147ff",
"name" : "https://github.com/microweber-dev/whmcs_plugin/commit/2e7a11d332db79cc52ccda00455a15f4dc6147ff",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber-dev/whmcs_plugin/commit/2e7a11d332db79cc52ccda00455a15f4dc6147ff",
"name" : "https://github.com/microweber-dev/whmcs_plugin/commit/2e7a11d332db79cc52ccda00455a15f4dc6147ff",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/511879b0-cdaa-4c03-af92-deb54d46284a",
"name" : "https://huntr.dev/bounties/511879b0-cdaa-4c03-af92-deb54d46284a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/511879b0-cdaa-4c03-af92-deb54d46284a",
"name" : "https://huntr.dev/bounties/511879b0-cdaa-4c03-af92-deb54d46284a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Resolution of Path Equivalence in GitHub repository microweber-dev/whmcs_plugin prior to 0.0.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:whmcs:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.0.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-04T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0856",
"ASSIGNER" : "patrick@puiterwijk.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-369"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/cacalabs/libcaca/issues/65",
"name" : "https://github.com/cacalabs/libcaca/issues/65",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/cacalabs/libcaca/issues/65",
"name" : "https://github.com/cacalabs/libcaca/issues/65",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3E5GF2LSX2ZEY5JZNM7HXJMLHMY436X/",
"name" : "FEDORA-2023-335e8b2908",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3E5GF2LSX2ZEY5JZNM7HXJMLHMY436X/",
"name" : "FEDORA-2023-335e8b2908",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTDRPVX3HCYLQCLMQ6NNSRC3B7L6WGUM/",
"name" : "FEDORA-2023-7248587205",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTDRPVX3HCYLQCLMQ6NNSRC3B7L6WGUM/",
"name" : "FEDORA-2023-7248587205",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFOFTTMHO666HB3TVHBMCES6GCKG5PPG/",
"name" : "FEDORA-2023-8282501ffb",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFOFTTMHO666HB3TVHBMCES6GCKG5PPG/",
"name" : "FEDORA-2023-8282501ffb",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libcaca_project:libcaca:0.99:beta20:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0857",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A reflected cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO due to the area of the User Interface the vulnerability is present in."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.10.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_11:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_12:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-23T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0858",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A cross-site scripting (XSS) vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to potentially obtain access to an ePO administrator's session by convincing the attacker to click on a carefully crafted link. This would lead to limited ability to alter some information in ePO due to the area of the User Interface the vulnerability is present in."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.10.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_11:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_12:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-23T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0859",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-522"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a local attacker to point an ePO server to an arbitrary SQL server during the restoration of the ePO server. To achieve this the attacker would have to be logged onto the server hosting the ePO server (restricted to administrators) and to know the SQL server password."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.10.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_11:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_12:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0860",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa",
"name" : "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa",
"name" : "https://github.com/cobbler/cobbler/commit/9044aa990a94752fa5bd5a24051adde099280bfa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d",
"name" : "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d",
"name" : "https://huntr.dev/bounties/c458b868-63df-414e-af10-47e3745caa1d",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/",
"name" : "FEDORA-2022-445ec90e7c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D4KCNZYBQC2FM5SEEDRQZO4LRZ4ZECMG/",
"name" : "FEDORA-2022-445ec90e7c",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/",
"name" : "FEDORA-2022-224e71968f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DYWYHWVVRUSPCV5SWBOSAMQJQLTSBTKY/",
"name" : "FEDORA-2022-224e71968f",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/",
"name" : "FEDORA-2022-ad2b0ad61b",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYSHMF6MEIITFAG7EJ3IQKVUN7MDV2XM/",
"name" : "FEDORA-2022-ad2b0ad61b",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Authorization in GitHub repository cobbler/cobbler prior to 3.3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.3.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0861",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-611"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A XML Extended entity vulnerability in McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote administrator attacker to upload a malicious XML file through the extension import functionality. The impact is limited to some access to confidential information and some ability to alter data."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.10.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_11:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_12:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 3.8,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.2,
"impactScore" : 2.5
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0862",
"ASSIGNER" : "trellixpsirt@trellix.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A lack of password change protection vulnerability in a depreciated API of McAfee Enterprise ePolicy Orchestrator (ePO) prior to 5.10 Update 13 allows a remote attacker to change the password of a compromised session without knowing the existing user's password. This functionality was removed from the User Interface in ePO 10 and the API has now been disabled. Other protection is in place to reduce the likelihood of this being successful through sending a link to a logged in user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.10.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_8:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_9:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_10:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_11:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mcafee:epolicy_orchestrator:5.10.0:update_12:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0863",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a30212a0-c910-4657-aee1-4a2d72c77983",
"name" : "https://wpscan.com/vulnerability/a30212a0-c910-4657-aee1-4a2d72c77983",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a30212a0-c910-4657-aee1-4a2d72c77983",
"name" : "https://wpscan.com/vulnerability/a30212a0-c910-4657-aee1-4a2d72c77983",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp_svg_icons_project:wp_svg_icons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-13T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0864",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166631/WordPress-UpdraftPlus-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/166631/WordPress-UpdraftPlus-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166631/WordPress-UpdraftPlus-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/166631/WordPress-UpdraftPlus-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872",
"name" : "https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872",
"name" : "https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.22.9 does not sanitise and escape the updraft_interval parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting (XSS) vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.22.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0865",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-617"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/385",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/385",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/385",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/385",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/306",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/306",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/306",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/306",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Reachable Assertion in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 5e180045."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0866",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060929#c0",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060929#c0",
"refsource" : "",
"tags" : [ "Issue Tracking", "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060929#c0",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2060929#c0",
"refsource" : "",
"tags" : [ "Issue Tracking", "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "This is a concurrency issue that can result in the wrong caller principal being returned from the session context of an EJB that is configured with a RunAs principal. In particular, the org.jboss.as.ejb3.component.EJBComponent class has an incomingRunAsIdentity field. This field is used by the org.jboss.as.ejb3.security.RunAsPrincipalInterceptor to keep track of the current identity prior to switching to a new identity created using the RunAs principal. The exploit consist that the EJBComponent#incomingRunAsIdentity field is currently just a SecurityIdentity. This means in a concurrent environment, where multiple users are repeatedly invoking an EJB that is configured with a RunAs principal, it's possible for the wrong the caller principal to be returned from EJBComponent#getCallerPrincipal. Similarly, it's also possible for EJBComponent#isCallerInRole to return the wrong value. Both of these methods rely on incomingRunAsIdentity. Affects all versions of JBoss EAP from 7.1.0 and all versions of WildFly 11+ when Elytron is enabled."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:wildfly:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "11.0.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-10T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0867",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494",
"name" : "https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494",
"name" : "https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:reputeinfosystems:pricing_table:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.6.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0868",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/medialize/uri.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509",
"name" : "https://github.com/medialize/uri.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/medialize/uri.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509",
"name" : "https://github.com/medialize/uri.js/commit/a8166fe02f3af6dc1b2b888dcbb807155aad9509",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5f4db013-64bd-4a6b-9dad-870c296b0b02",
"name" : "https://huntr.dev/bounties/5f4db013-64bd-4a6b-9dad-870c296b0b02",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5f4db013-64bd-4a6b-9dad-870c296b0b02",
"name" : "https://huntr.dev/bounties/5f4db013-64bd-4a6b-9dad-870c296b0b02",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open Redirect in GitHub repository medialize/uri.js prior to 1.19.10."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:uri.js_project:uri.js:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.19.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-06T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0869",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/nitely/spirit/commit/8f32f89654d6c30d56e0dd167059d32146fb32ef",
"name" : "https://github.com/nitely/spirit/commit/8f32f89654d6c30d56e0dd167059d32146fb32ef",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/nitely/spirit/commit/8f32f89654d6c30d56e0dd167059d32146fb32ef",
"name" : "https://github.com/nitely/spirit/commit/8f32f89654d6c30d56e0dd167059d32146fb32ef",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ed335a88-f68c-4e4d-ac85-f29a51b03342",
"name" : "https://huntr.dev/bounties/ed335a88-f68c-4e4d-ac85-f29a51b03342",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ed335a88-f68c-4e4d-ac85-f29a51b03342",
"name" : "https://huntr.dev/bounties/ed335a88-f68c-4e4d-ac85-f29a51b03342",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:spirit-project:spirit:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.12.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-06T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0870",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-918"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb",
"name" : "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb",
"name" : "https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531",
"name" : "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531",
"name" : "https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.12.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0871",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78",
"name" : "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78",
"name" : "https://github.com/gogs/gogs/commit/64102be2c90e1b47dbdd379873ba76c80d4b0e78",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62",
"name" : "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62",
"name" : "https://huntr.dev/bounties/ea82cfc9-b55c-41fe-ae58-0d0e0bd7ab62",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in GitHub repository gogs/gogs prior to 0.12.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.12.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0873",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/d5ce4b8a-9aa5-4df8-b521-c2105990a87e",
"name" : "https://wpscan.com/vulnerability/d5ce4b8a-9aa5-4df8-b521-c2105990a87e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/d5ce4b8a-9aa5-4df8-b521-c2105990a87e",
"name" : "https://wpscan.com/vulnerability/d5ce4b8a-9aa5-4df8-b521-c2105990a87e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album's name before outputting it in pages/posts with a media embed, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered-html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:codeasily:gmedia_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.20.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0874",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/36cdd130-9bb7-4274-bac6-07d00008d810",
"name" : "https://wpscan.com/vulnerability/36cdd130-9bb7-4274-bac6-07d00008d810",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/36cdd130-9bb7-4274-bac6-07d00008d810",
"name" : "https://wpscan.com/vulnerability/36cdd130-9bb7-4274-bac6-07d00008d810",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp-experts:wp_social_buttons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0875",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/fefc1411-594d-465b-aeb9-78c141b23762",
"name" : "https://wpscan.com/vulnerability/fefc1411-594d-465b-aeb9-78c141b23762",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/fefc1411-594d-465b-aeb9-78c141b23762",
"name" : "https://wpscan.com/vulnerability/fefc1411-594d-465b-aeb9-78c141b23762",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Google Authenticator WordPress plugin before 1.0.5 does not have CSRF check when saving its settings, and does not sanitise as well as escape them, allowing attackers to make a logged in admin change them and perform Cross-Site Scripting attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:miniorange:google_authenticator:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-27T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0876",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a",
"name" : "https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a",
"name" : "https://wpscan.com/vulnerability/73be6e92-ea37-4416-977d-52ee2afa022a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when unfiltered_html is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpdevart:social_comments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0877",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/bookstackapp/bookstack/commit/856fca8289b7370cafa033ea21c408e7d4303fd6",
"name" : "https://github.com/bookstackapp/bookstack/commit/856fca8289b7370cafa033ea21c408e7d4303fd6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/bookstackapp/bookstack/commit/856fca8289b7370cafa033ea21c408e7d4303fd6",
"name" : "https://github.com/bookstackapp/bookstack/commit/856fca8289b7370cafa033ea21c408e7d4303fd6",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b04df4e3-ae5a-4dc6-81ec-496248b15f3c",
"name" : "https://huntr.dev/bounties/b04df4e3-ae5a-4dc6-81ec-496248b15f3c",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b04df4e3-ae5a-4dc6-81ec-496248b15f3c",
"name" : "https://huntr.dev/bounties/b04df4e3-ae5a-4dc6-81ec-496248b15f3c",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "22.02.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-08T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0878",
"ASSIGNER" : "vulnerability@ncsc.ch"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-306"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.brokenwire.fail/",
"name" : "https://www.brokenwire.fail/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.brokenwire.fail/",
"name" : "https://www.brokenwire.fail/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Electric Vehicle (EV) commonly utilises the Combined Charging System (CCS) for DC rapid charging. To exchange important messages such as the State of Charge (SoC) with the Electric Vehicle Supply Equipment (EVSE) CCS uses a high-bandwidth IP link provided by the HomePlug Green PHY (HPGP) power-line communication (PLC) technology. The attack interrupts necessary control communication between the vehicle and charger, causing charging sessions to abort. The attack can be conducted wirelessly from a distance using electromagnetic interference, allowing individual vehicles or entire fleets to be disrupted simultaneously. In addition, the attack can be mounted with off-the-shelf radio hardware and minimal technical knowledge. With a power budget of 1 W, the attack is successful from around 47 m distance. The exploited behavior is a required part of the HomePlug Green PHY, DIN 70121 & ISO 15118 standards and all known implementations exhibit it. In addition to electric cars, Brokenwire affects electric ships, airplanes and heavy duty vehicles utilising these standards."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:combined_charging_system_project:combined_charging_system_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:combined_charging_system_project:combined_charging_system:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "ADJACENT_NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 3.3
},
"severity" : "LOW",
"exploitabilityScore" : 6.5,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-12T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0879",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c12f6087-1875-4edf-ac32-bec6f712968d",
"name" : "https://wpscan.com/vulnerability/c12f6087-1875-4edf-ac32-bec6f712968d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c12f6087-1875-4edf-ac32-bec6f712968d",
"name" : "https://wpscan.com/vulnerability/c12f6087-1875-4edf-ac32-bec6f712968d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Caldera Forms WordPress plugin before 1.9.7 does not validate and escape the cf-api parameter before outputting it back in the response, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:calderaforms:caldera_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.9.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0880",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/818d7fe731f452acccacf731ce47ec27ad68049c",
"name" : "https://github.com/star7th/showdoc/commit/818d7fe731f452acccacf731ce47ec27ad68049c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/818d7fe731f452acccacf731ce47ec27ad68049c",
"name" : "https://github.com/star7th/showdoc/commit/818d7fe731f452acccacf731ce47ec27ad68049c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/df347aa9-ed9b-4f75-af99-c83b8aad3bcf",
"name" : "https://huntr.dev/bounties/df347aa9-ed9b-4f75-af99-c83b8aad3bcf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/df347aa9-ed9b-4f75-af99-c83b8aad3bcf",
"name" : "https://huntr.dev/bounties/df347aa9-ed9b-4f75-af99-c83b8aad3bcf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showdoc prior to 2.10.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-12T04:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0881",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-922"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chocobozzz/peertube/commit/0c058f256a195b92f124be10109c95d1fbe93ad8",
"name" : "https://github.com/chocobozzz/peertube/commit/0c058f256a195b92f124be10109c95d1fbe93ad8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chocobozzz/peertube/commit/0c058f256a195b92f124be10109c95d1fbe93ad8",
"name" : "https://github.com/chocobozzz/peertube/commit/0c058f256a195b92f124be10109c95d1fbe93ad8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2628431e-6a98-4063-a0e3-a8b1d9ebaa9c",
"name" : "https://huntr.dev/bounties/2628431e-6a98-4063-a0e3-a8b1d9ebaa9c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2628431e-6a98-4063-a0e3-a8b1d9ebaa9c",
"name" : "https://huntr.dev/bounties/2628431e-6a98-4063-a0e3-a8b1d9ebaa9c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insecure Storage of Sensitive Information in GitHub repository chocobozzz/peertube prior to 4.1.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:framasoft:peertube:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-09T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0882",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugs.fuchsia.dev/p/fuchsia/issues/detail?id=94740",
"name" : "https://bugs.fuchsia.dev/p/fuchsia/issues/detail?id=94740",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
}, {
"url" : "https://bugs.fuchsia.dev/p/fuchsia/issues/detail?id=94740",
"name" : "https://bugs.fuchsia.dev/p/fuchsia/issues/detail?id=94740",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZX_RSRC_KIND_ROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:google:fuchsia:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-03T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0883",
"ASSIGNER" : "security@snowsoftware.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-428"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://community.snowsoftware.com/s/feed/0D5690000BsNCO6CQO",
"name" : "https://community.snowsoftware.com/s/feed/0D5690000BsNCO6CQO",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://community.snowsoftware.com/s/feed/0D5690000BsNCO6CQO",
"name" : "https://community.snowsoftware.com/s/feed/0D5690000BsNCO6CQO",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "SLM has an issue with Windows Unquoted/Trusted Service Paths Security Issue. All installations version 9.x.x prior to 9.20.1 should be patched."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:snowsoftware:snow_license_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "9.0.0",
"versionEndExcluding" : "9.20.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-18T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0884",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2690776",
"name" : "https://plugins.trac.wordpress.org/changeset/2690776",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2690776",
"name" : "https://plugins.trac.wordpress.org/changeset/2690776",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/af06b96c-105f-429c-b2ad-c8c823897dba",
"name" : "https://wpscan.com/vulnerability/af06b96c-105f-429c-b2ad-c8c823897dba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/af06b96c-105f-429c-b2ad-c8c823897dba",
"name" : "https://wpscan.com/vulnerability/af06b96c-105f-429c-b2ad-c8c823897dba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Profile Builder WordPress plugin before 3.6.8 does not sanitise and escape Form Fields titles and description, which could allow high privilege user such as admin to perform Criss-Site Scripting attacks even when unfiltered_html is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.6.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0885",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-94"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/8b08b72e-5584-4f25-ab73-5ab0f47412df",
"name" : "https://wpscan.com/vulnerability/8b08b72e-5584-4f25-ab73-5ab0f47412df",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/8b08b72e-5584-4f25-ab73-5ab0f47412df",
"name" : "https://wpscan.com/vulnerability/8b08b72e-5584-4f25-ab73-5ab0f47412df",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:memberhero:member_hero:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.0.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-13T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0886",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-27666. Reason: This candidate is a reservation duplicate of CVE-2022-27666. Notes: All CVE users should reference CVE-2022-27666 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-03-23T14:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0887",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a6c1676d-9dcb-45f6-833a-9545bccd0ad6",
"name" : "https://wpscan.com/vulnerability/a6c1676d-9dcb-45f6-833a-9545bccd0ad6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a6c1676d-9dcb-45f6-833a-9545bccd0ad6",
"name" : "https://wpscan.com/vulnerability/a6c1676d-9dcb-45f6-833a-9545bccd0ad6",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, leading to a SQL injection vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cybernetikz:easy_social_icons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.1.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0888",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607",
"name" : "https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607",
"name" : "https://gist.github.com/Xib3rR4dAr/5f0accbbfdee279c68ed144da9cd8607",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00eeaef-f277-481f-9e18-bf1ced0015a0?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00eeaef-f277-481f-9e18-bf1ced0015a0?source=cve",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00eeaef-f277-481f-9e18-bf1ced0015a0?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/f00eeaef-f277-481f-9e18-bf1ced0015a0?source=cve",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0888",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0888",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0888",
"name" : "https://www.wordfence.com/vulnerability-advisories/#CVE-2022-0888",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/controllers/uploads.php file which can be bypassed making it possible for unauthenticated attackers to upload malicious files that can be used to obtain remote code execution, in versions up to and including 3.3.0"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ninjaforms:ninja_forms_file_uploads:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0889",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021)",
"name" : "https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021)",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021)",
"name" : "https://ninjaforms.com/extensions/file-uploads/?changelog=1/#:~:text=3.3.13%20(30%20November%202021)",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8c5642fa-d001-47c4-8acd-94ae944e5129?source=cve",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to reflected cross-site scripting due to missing sanitization of the files filename parameter found in the ~/includes/ajax/controllers/uploads.php file which can be used by unauthenticated attackers to add malicious web scripts to vulnerable WordPress sites, in versions up to and including 3.3.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ninjaforms:ninja_forms_file_uploads:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.3.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0890",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"name" : "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"name" : "https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"name" : "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"name" : "https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NULL Pointer Dereference in GitHub repository mruby/mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.1
},
"severity" : "HIGH",
"exploitabilityScore" : 8.6,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-10T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0891",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c",
"name" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c",
"name" : "https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/380",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/380",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/380",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/380",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/382",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/382",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/382",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/382",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndIncluding" : "4.3.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 4.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-10T17:44Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0892",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e5d95261-a243-493f-be6a-3c15ccb65435",
"name" : "https://wpscan.com/vulnerability/e5d95261-a243-493f-be6a-3c15ccb65435",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e5d95261-a243-493f-be6a-3c15ccb65435",
"name" : "https://wpscan.com/vulnerability/e5d95261-a243-493f-be6a-3c15ccb65435",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Export All URLs WordPress plugin before 4.2 does not sanitise and escape the CSV filename before outputting it back in the page, leading to a Reflected Cross-Site Scripting"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlasgondal:export_all_urls:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0893",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2859a1c1-941c-4efc-a3ad-a0657c7a77e9",
"name" : "https://huntr.dev/bounties/2859a1c1-941c-4efc-a3ad-a0657c7a77e9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2859a1c1-941c-4efc-a3ad-a0657c7a77e9",
"name" : "https://huntr.dev/bounties/2859a1c1-941c-4efc-a3ad-a0657c7a77e9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0894",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/18f8e85e-3cbf-4915-b649-8cffe99daa95",
"name" : "https://huntr.dev/bounties/18f8e85e-3cbf-4915-b649-8cffe99daa95",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/18f8e85e-3cbf-4915-b649-8cffe99daa95",
"name" : "https://huntr.dev/bounties/18f8e85e-3cbf-4915-b649-8cffe99daa95",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0895",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470",
"name" : "https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470",
"name" : "https://github.com/microweber/microweber/commit/b2baab6e582b2efe63788d367a2bb61a2fa26470",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d",
"name" : "https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d",
"name" : "https://huntr.dev/bounties/3c070828-fd00-476c-be33-9c877172363d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Static Code Injection in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0896",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-94"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5",
"name" : "https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5",
"name" : "https://github.com/microweber/microweber/commit/e0224462b3dd6b1f7c6ec1197413afc6019bc3b5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0",
"name" : "https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0",
"name" : "https://huntr.dev/bounties/113056f1-7a78-4205-9f42-940ad41d8df0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-09T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0897",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063883",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063883",
"refsource" : "",
"tags" : [ "Issue Tracking" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063883",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063883",
"refsource" : "",
"tags" : [ "Issue Tracking" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html",
"name" : "[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html",
"name" : "[debian-lts-announce] 20240401 [SECURITY] [DLA 3778-1] libvirt security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-06",
"name" : "GLSA-202210-06",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-06",
"name" : "GLSA-202210-06",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.1.1",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "LOW",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0898",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43",
"name" : "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43",
"name" : "https://wpscan.com/vulnerability/f51d8345-3927-4be2-8145-e201371c8c43",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The IgniteUp WordPress plugin through 3.4.1 does not sanitise and escape some fields when high privilege users don't have the unfiltered_html capability, which could lead to Stored Cross-Site Scripting issues"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:getigniteup:igniteup:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.4.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0899",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1",
"name" : "https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1",
"name" : "https://wpscan.com/vulnerability/1772417a-1abb-4d97-9694-1254840defd1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Header Footer Code Manager WordPress plugin before 1.1.24 does not escape generated URLs before outputting them back in attributes in an admin page, leading to a Reflected Cross-Site Scripting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.1.24",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-07-25T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0900",
"ASSIGNER" : "cve@usom.gov.tr"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.usom.gov.tr/bildirim/tr-22-0375",
"name" : "https://www.usom.gov.tr/bildirim/tr-22-0375",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.usom.gov.tr/bildirim/tr-22-0375",
"name" : "https://www.usom.gov.tr/bildirim/tr-22-0375",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NetDataSoft DivvyDrive allows Stored XSS.This issue affects DivvyDrive: from unspecified before v.4.6.2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netdatasoft:divvy_drive:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.6.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-23T14:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0901",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166626/WordPress-Ad-Inserter-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/166626/WordPress-Ad-Inserter-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166626/WordPress-Ad-Inserter-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/166626/WordPress-Ad-Inserter-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba",
"name" : "https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba",
"name" : "https://wpscan.com/vulnerability/85582b4f-a40a-4394-9834-0c88c5dc57ba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Ad Inserter Free and Pro WordPress plugins before 2.7.12 do not sanitise and escape the REQUEST_URI before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ad_inserter_project:ad_inserter:*:*:*:*:free:wordpress:*:*",
"versionEndExcluding" : "2.7.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ad_inserter_project:ad_inserter:*:*:*:*:pro:wordpress:*:*",
"versionEndExcluding" : "2.7.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0902",
"ASSIGNER" : "cybersecurity@ch.abb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-22"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0927&LanguageCode=en&DocumentPartId=&Action=Launch&_ga",
"name" : "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0927&LanguageCode=en&DocumentPartId=&Action=Launch&_ga",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0927&LanguageCode=en&DocumentPartId=&Action=Launch&_ga",
"name" : "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108467A0927&LanguageCode=en&DocumentPartId=&Action=Launch&_ga",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:rmc-100_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2105457-037",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:rmc-100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:rmc-100-lite_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2106229-011",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:rmc-100-lite:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:xio_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2106198-008",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:xio:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:xfcg5_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2105805-016",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:xfcg5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:xrcg5_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2105864-016",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:xrcg5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:uflog5_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2105298-024",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:uflog5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:udc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2106177-007",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:udc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-21T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0903",
"ASSIGNER" : "responsibledisclosure@mattermost.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.3.0",
"versionEndExcluding" : "6.3.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.37.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.0.0",
"versionEndExcluding" : "6.1.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.2.0",
"versionEndExcluding" : "6.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:45Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0904",
"ASSIGNER" : "responsibledisclosure@mattermost.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages document."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.3.0",
"versionEndExcluding" : "6.3.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.0.0",
"versionEndExcluding" : "6.1.3",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.0.0",
"versionEndExcluding" : "5.37.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "6.2.0",
"versionEndExcluding" : "6.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T17:45Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0905",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2",
"name" : "https://github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2",
"name" : "https://github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb",
"name" : "https://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb",
"name" : "https://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitea:gitea:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.16.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 4.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-10T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0906",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/d9bae9df873c2d2a13a2eb08d512019d49ebca68",
"name" : "https://github.com/microweber/microweber/commit/d9bae9df873c2d2a13a2eb08d512019d49ebca68",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/d9bae9df873c2d2a13a2eb08d512019d49ebca68",
"name" : "https://github.com/microweber/microweber/commit/d9bae9df873c2d2a13a2eb08d512019d49ebca68",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/87ed3b42-9824-49b0-91a5-fd908a0601e8",
"name" : "https://huntr.dev/bounties/87ed3b42-9824-49b0-91a5-fd908a0601e8",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/87ed3b42-9824-49b0-91a5-fd908a0601e8",
"name" : "https://huntr.dev/bounties/87ed3b42-9824-49b0-91a5-fd908a0601e8",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted file upload leads to stored XSS in GitHub repository microweber/microweber prior to 1.1.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.1.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-10T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0907",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-252"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/392",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/392",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/392",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/392",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/314",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/314",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/314",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/314",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unchecked Return Value to NULL Pointer Dereference in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f2b656e2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0908",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-476"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85",
"name" : "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85",
"name" : "https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/383",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/383",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/383",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/383",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Null source pointer passed as an argument to memcpy() function within TIFFFetchNormalTag () in tif_dirread.c in libtiff versions up to 4.3.0 could lead to Denial of Service via crafted TIFF file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "4.3.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0909",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-369"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/393",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/393",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/393",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/393",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/310",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/310",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/310",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/310",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Divide By Zero error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f8d0f9aa."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0910",
"ASSIGNER" : "security@zyxel.com.tw"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"name" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"name" : "https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A downgrade from two-factor authentication to one-factor authentication vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.32 through 4.71, USG FLEX series firmware versions 4.50 through 5.21, ATP series firmware versions 4.32 through 5.21, and VPN series firmware versions 4.32 through 5.21, that could allow an authenticated attacker to bypass the second authentication phase to connect the IPsec VPN server even though the two-factor authentication (2FA) was enabled."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_110_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_110:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_1100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_1100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_1900_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_1900:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_20w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_20w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_310_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_40_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_40:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_40w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_40w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_60_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_60:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_60w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_60w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.50",
"versionEndIncluding" : "5.21",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg20_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg20:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg210_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg210:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg2200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg2200:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg300:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zyxel:usg310_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.32",
"versionEndIncluding" : "4.71",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:zyxel:usg310:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-24T03:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0911",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"name" : "https://github.com/pimcore/pimcore/commit/6e0922c5b2959ac1b48500ac508d8fc5a97286f9",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b242edb1-b036-4dca-9b53-891494dd7a77",
"name" : "https://huntr.dev/bounties/b242edb1-b036-4dca-9b53-891494dd7a77",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b242edb1-b036-4dca-9b53-891494dd7a77",
"name" : "https://huntr.dev/bounties/b242edb1-b036-4dca-9b53-891494dd7a77",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "10.3.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-16T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0912",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/24245297231f5dc88bb3a2b20d0e4e25b0ebc789",
"name" : "https://github.com/microweber/microweber/commit/24245297231f5dc88bb3a2b20d0e4e25b0ebc789",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/24245297231f5dc88bb3a2b20d0e4e25b0ebc789",
"name" : "https://github.com/microweber/microweber/commit/24245297231f5dc88bb3a2b20d0e4e25b0ebc789",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ae5bb359-7e53-498b-848e-540c05b44c54",
"name" : "https://huntr.dev/bounties/ae5bb359-7e53-498b-848e-540c05b44c54",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ae5bb359-7e53-498b-848e-540c05b44c54",
"name" : "https://huntr.dev/bounties/ae5bb359-7e53-498b-848e-540c05b44c54",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0913",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/7559e141d0707f8eeff2f9aeaa5a0ca2e3fe6583",
"name" : "https://github.com/microweber/microweber/commit/7559e141d0707f8eeff2f9aeaa5a0ca2e3fe6583",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/7559e141d0707f8eeff2f9aeaa5a0ca2e3fe6583",
"name" : "https://github.com/microweber/microweber/commit/7559e141d0707f8eeff2f9aeaa5a0ca2e3fe6583",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f5f3e468-663b-4df0-8340-a2d77e4cc75f",
"name" : "https://huntr.dev/bounties/f5f3e468-663b-4df0-8340-a2d77e4cc75f",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/f5f3e468-663b-4df0-8340-a2d77e4cc75f",
"name" : "https://huntr.dev/bounties/f5f3e468-663b-4df0-8340-a2d77e4cc75f",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Integer Overflow or Wraparound in GitHub repository microweber/microweber prior to 1.3."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0914",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/c328be28-75dd-43db-a5b9-c1ba0636c930",
"name" : "https://wpscan.com/vulnerability/c328be28-75dd-43db-a5b9-c1ba0636c930",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c328be28-75dd-43db-a5b9-c1ba0636c930",
"name" : "https://wpscan.com/vulnerability/c328be28-75dd-43db-a5b9-c1ba0636c930",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Export All URLs WordPress plugin before 4.3 does not have CSRF in place when exporting data, which could allow attackers to make a logged in admin export all posts and pages (including private and draft) into an arbitrary CSV file, which the attacker can then download and retrieve the list of titles for example"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:atlasgondal:export_all_urls:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0915",
"ASSIGNER" : "cve-coordination@logitech.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-367"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://prosupport.logi.com/hc/en-us/articles/360040085114-Download-Logitech-Sync",
"name" : "https://prosupport.logi.com/hc/en-us/articles/360040085114-Download-Logitech-Sync",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://prosupport.logi.com/hc/en-us/articles/360040085114-Download-Logitech-Sync",
"name" : "https://prosupport.logi.com/hc/en-us/articles/360040085114-Download-Logitech-Sync",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "There is a Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability in Logitech Sync for Windows prior to 2.4.574. Successful exploitation of these vulnerabilities may escalate the permission to the system user."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:logitech:sync:*:*:*:*:*:windows:*:*",
"versionEndExcluding" : "2.4.574",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.0,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 6.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-12T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0916",
"ASSIGNER" : "cve-coordination@logitech.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.logi.com/hc/en-us/articles/360025297893",
"name" : "https://support.logi.com/hc/en-us/articles/360025297893",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.logi.com/hc/en-us/articles/360025297893",
"name" : "https://support.logi.com/hc/en-us/articles/360025297893",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An issue was discovered in Logitech Options. The OAuth 2.0 state parameter was not properly validated. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:logitech:options:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.60.87",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-03T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0918",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0918",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0918",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0918",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0918",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055815",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055815",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055815",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2055815",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/389ds/389-ds-base/issues/5242",
"name" : "https://github.com/389ds/389-ds-base/issues/5242",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/389ds/389-ds-base/issues/5242",
"name" : "https://github.com/389ds/389-ds-base/issues/5242",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"name" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"name" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:port389:389-ds-base:1.4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-16T15:15Z",
"lastModifiedDate" : "2025-02-13T17:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0919",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4",
"name" : "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4",
"name" : "https://wpscan.com/vulnerability/e8f32e0b-4a89-460b-bb78-7c83ef5e16b4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper authorisation when searching bookings, allowing any unauthenticated users to search other's booking, as well as retrieve sensitive information about the bookings, such as the full name, email and phone number of the person who booked it."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "7.6.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0920",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0",
"name" : "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0",
"name" : "https://wpscan.com/vulnerability/5a5ab7a8-be67-4f70-925c-9cb1eff2fbe0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper authorisation in some of its endpoints, which could allow customers to access all bookings and other customer's data"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:salonbookingsystem:salon_booking_system:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "7.6.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0921",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318",
"name" : "https://github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318",
"name" : "https://github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622",
"name" : "https://huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622",
"name" : "https://huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0922",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-306"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-088-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-088-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-088-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-088-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The software does not perform any authentication for critical system functionality."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:philips:e-alert_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.7",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:philips:e-alert:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"accessVector" : "ADJACENT_NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 5.7
},
"severity" : "MEDIUM",
"exploitabilityScore" : 5.5,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0923",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) has a blind SQL injection vulnerability that exists in HandlerDialog_KID.ashx. This allows an attacker to inject arbitrary SQL queries, retrieve and modify database contents, and execute system commands."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:deltaww:diaenergie:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.8.02.004",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0924",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/278",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/278",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/278",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/278",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/311",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/311",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/311",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/311",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNT2GFNRLOMKJ5KXM6JIHKBNBFDVZPD3/",
"name" : "FEDORA-2022-c39720a0ed",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQ4E654ZYUUUQNBKYQFXNK2CV3CPWTM2/",
"name" : "FEDORA-2022-e2996202a0",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0002/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5108",
"name" : "DSA-5108",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0925",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-12-12T22:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0926",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/89200cfcc2cfefe5554721e7fa3cf52f6a2a9120",
"name" : "https://github.com/microweber/microweber/commit/89200cfcc2cfefe5554721e7fa3cf52f6a2a9120",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/89200cfcc2cfefe5554721e7fa3cf52f6a2a9120",
"name" : "https://github.com/microweber/microweber/commit/89200cfcc2cfefe5554721e7fa3cf52f6a2a9120",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dc5d1555-0108-4627-b542-93352f35fa17",
"name" : "https://huntr.dev/bounties/dc5d1555-0108-4627-b542-93352f35fa17",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dc5d1555-0108-4627-b542-93352f35fa17",
"name" : "https://huntr.dev/bounties/dc5d1555-0108-4627-b542-93352f35fa17",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-12T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0928",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a",
"name" : "https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a",
"name" : "https://github.com/microweber/microweber/commit/fc9137c031f7edec5f50d73b300919fb519c924a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd",
"name" : "https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd",
"name" : "https://huntr.dev/bounties/085aafdd-ba50-44c7-9650-fa573da29bcd",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-11T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0929",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/de6d17b52d261902653fbdd2ecefcaac82e54256",
"name" : "https://github.com/microweber/microweber/commit/de6d17b52d261902653fbdd2ecefcaac82e54256",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/de6d17b52d261902653fbdd2ecefcaac82e54256",
"name" : "https://github.com/microweber/microweber/commit/de6d17b52d261902653fbdd2ecefcaac82e54256",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/66abf7ec-2dd7-4cb7-87f5-e91375883f03",
"name" : "https://huntr.dev/bounties/66abf7ec-2dd7-4cb7-87f5-e91375883f03",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/66abf7ec-2dd7-4cb7-87f5-e91375883f03",
"name" : "https://huntr.dev/bounties/66abf7ec-2dd7-4cb7-87f5-e91375883f03",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-12T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0930",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/33eb4cc0f80c1f86388c1862a8aee1061fa5d72e",
"name" : "https://github.com/microweber/microweber/commit/33eb4cc0f80c1f86388c1862a8aee1061fa5d72e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/33eb4cc0f80c1f86388c1862a8aee1061fa5d72e",
"name" : "https://github.com/microweber/microweber/commit/33eb4cc0f80c1f86388c1862a8aee1061fa5d72e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d184ce19-9608-42f1-bc3d-06ece2d9a993",
"name" : "https://huntr.dev/bounties/d184ce19-9608-42f1-bc3d-06ece2d9a993",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d184ce19-9608-42f1-bc3d-06ece2d9a993",
"name" : "https://huntr.dev/bounties/d184ce19-9608-42f1-bc3d-06ece2d9a993",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-12T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0931",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: Red Hat Product Security does not consider this to be a vulnerability. Upstream has not acknowledged this issue as a security flaw."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2024-02-08T23:15Z",
"lastModifiedDate" : "2024-02-08T23:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0932",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d",
"name" : "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d",
"name" : "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb",
"name" : "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb",
"name" : "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:saleor:saleor:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.1.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0934",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0934",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0934",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2057075",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2057075",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html",
"name" : "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html",
"refsource" : "",
"tags" : [ "Mailing List", "Vendor Advisory" ]
}, {
"url" : "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39",
"name" : "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-0934",
"name" : "https://access.redhat.com/security/cve/CVE-2022-0934",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39",
"name" : "https://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commit%3Bh=03345ecefeb0d82e3c3a4c28f27c3554f0611b39",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html",
"name" : "https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2022q1/016272.html",
"refsource" : "",
"tags" : [ "Mailing List", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2057075",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2057075",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.87",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2025-06-10T14:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0935",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-116"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/ce96791cb4c7420266b668fc234c211914259ba7",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/ce96791cb4c7420266b668fc234c211914259ba7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/livehelperchat/livehelperchat/commit/ce96791cb4c7420266b668fc234c211914259ba7",
"name" : "https://github.com/livehelperchat/livehelperchat/commit/ce96791cb4c7420266b668fc234c211914259ba7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a7e40fdf-a333-4a50-8a53-d11b16ce3ec2",
"name" : "https://huntr.dev/bounties/a7e40fdf-a333-4a50-8a53-d11b16ce3ec2",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a7e40fdf-a333-4a50-8a53-d11b16ce3ec2",
"name" : "https://huntr.dev/bounties/a7e40fdf-a333-4a50-8a53-d11b16ce3ec2",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:livehelperchat:live_helper_chat:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.97",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-07T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0936",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/autolab/autolab/commit/02d76ab3737689bba95ffe9a1c69ca5166d71c6b",
"name" : "https://github.com/autolab/autolab/commit/02d76ab3737689bba95ffe9a1c69ca5166d71c6b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/autolab/autolab/commit/02d76ab3737689bba95ffe9a1c69ca5166d71c6b",
"name" : "https://github.com/autolab/autolab/commit/02d76ab3737689bba95ffe9a1c69ca5166d71c6b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/90701766-bfed-409e-b3dd-6ff884373968",
"name" : "https://huntr.dev/bounties/90701766-bfed-409e-b3dd-6ff884373968",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/90701766-bfed-409e-b3dd-6ff884373968",
"name" : "https://huntr.dev/bounties/90701766-bfed-409e-b3dd-6ff884373968",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository autolab/autolab prior to 2.8.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:autolabproject:autolab:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.8.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T07:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0937",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/42c0d9813df3035728b36116a6ce9116e6fa8ed3",
"name" : "https://github.com/star7th/showdoc/commit/42c0d9813df3035728b36116a6ce9116e6fa8ed3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/42c0d9813df3035728b36116a6ce9116e6fa8ed3",
"name" : "https://github.com/star7th/showdoc/commit/42c0d9813df3035728b36116a6ce9116e6fa8ed3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6127739d-f4f2-44cd-ae3d-e3ccb7f0d7b5",
"name" : "https://huntr.dev/bounties/6127739d-f4f2-44cd-ae3d-e3ccb7f0d7b5",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6127739d-f4f2-44cd-ae3d-e3ccb7f0d7b5",
"name" : "https://huntr.dev/bounties/6127739d-f4f2-44cd-ae3d-e3ccb7f0d7b5",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T03:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0938",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/830c89a4c2c5fd0dd491422bf8e97b4eb5713f55",
"name" : "https://github.com/star7th/showdoc/commit/830c89a4c2c5fd0dd491422bf8e97b4eb5713f55",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/830c89a4c2c5fd0dd491422bf8e97b4eb5713f55",
"name" : "https://github.com/star7th/showdoc/commit/830c89a4c2c5fd0dd491422bf8e97b4eb5713f55",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3eb5a8f9-24e3-4eae-a212-070b2fbc237e",
"name" : "https://huntr.dev/bounties/3eb5a8f9-24e3-4eae-a212-070b2fbc237e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3eb5a8f9-24e3-4eae-a212-070b2fbc237e",
"name" : "https://huntr.dev/bounties/3eb5a8f9-24e3-4eae-a212-070b2fbc237e",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0939",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"name" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"name" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4",
"name" : "https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4",
"name" : "https://huntr.dev/bounties/768fd7e2-a767-4d8d-a517-e9dda849c6e4",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.18",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "HIGH",
"baseScore" : 9.9,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.3
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0940",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/78522520892d4e29cc94148c6ec84a204a607b73",
"name" : "https://github.com/star7th/showdoc/commit/78522520892d4e29cc94148c6ec84a204a607b73",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/78522520892d4e29cc94148c6ec84a204a607b73",
"name" : "https://github.com/star7th/showdoc/commit/78522520892d4e29cc94148c6ec84a204a607b73",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/856bd2e2-db4f-4b7d-9927-222261ae3782",
"name" : "https://huntr.dev/bounties/856bd2e2-db4f-4b7d-9927-222261ae3782",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/856bd2e2-db4f-4b7d-9927-222261ae3782",
"name" : "https://huntr.dev/bounties/856bd2e2-db4f-4b7d-9927-222261ae3782",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0941",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/4b6e6603c714aab1de346c5f5cb0bbb4c871be1f",
"name" : "https://github.com/star7th/showdoc/commit/4b6e6603c714aab1de346c5f5cb0bbb4c871be1f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/4b6e6603c714aab1de346c5f5cb0bbb4c871be1f",
"name" : "https://github.com/star7th/showdoc/commit/4b6e6603c714aab1de346c5f5cb0bbb4c871be1f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/040a910e-e689-4fcb-9e4f-95206515d1bc",
"name" : "https://huntr.dev/bounties/040a910e-e689-4fcb-9e4f-95206515d1bc",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/040a910e-e689-4fcb-9e4f-95206515d1bc",
"name" : "https://huntr.dev/bounties/040a910e-e689-4fcb-9e4f-95206515d1bc",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0942",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a412707c-18da-4c84-adc0-9801ed8068c9",
"name" : "https://huntr.dev/bounties/a412707c-18da-4c84-adc0-9801ed8068c9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a412707c-18da-4c84-adc0-9801ed8068c9",
"name" : "https://huntr.dev/bounties/a412707c-18da-4c84-adc0-9801ed8068c9",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0943",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-122"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/28",
"name" : "20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "http://seclists.org/fulldisclosure/2022/Oct/41",
"name" : "20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13",
"refsource" : "",
"tags" : [ "Mailing List", "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3",
"name" : "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3",
"name" : "https://github.com/vim/vim/commit/5c68617d395f9d7b824f68475b24ce3e38d653a3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1",
"name" : "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1",
"name" : "https://huntr.dev/bounties/9e4de32f-ad5f-4830-b3ae-9467b5ab90a1",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html",
"name" : "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html",
"name" : "[debian-lts-announce] 20220620 [SECURITY] [DLA 3053-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html",
"name" : "[debian-lts-announce] 20221108 [SECURITY] [DLA 3182-1] vim security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/",
"name" : "FEDORA-2022-b718ebbfce",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3R36VSLO4TRX72SWB6IDJOD24BQXPX2/",
"name" : "FEDORA-2022-b718ebbfce",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/",
"name" : "FEDORA-2022-e62adccfca",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAIQTUO35U5WO2NYMY47637EMCVDJRSL/",
"name" : "FEDORA-2022-e62adccfca",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-32",
"name" : "GLSA-202208-32",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
}, {
"url" : "https://support.apple.com/kb/HT213488",
"name" : "https://support.apple.com/kb/HT213488",
"refsource" : "",
"tags" : [ "Release Notes", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "8.2.4563",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "13.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-14T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0944",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-94"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/sqlpad/sqlpad/commit/3f92be386c6cd3e5eba75d85f0700d3ef54daf73",
"name" : "https://github.com/sqlpad/sqlpad/commit/3f92be386c6cd3e5eba75d85f0700d3ef54daf73",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/sqlpad/sqlpad/commit/3f92be386c6cd3e5eba75d85f0700d3ef54daf73",
"name" : "https://github.com/sqlpad/sqlpad/commit/3f92be386c6cd3e5eba75d85f0700d3ef54daf73",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/46630727-d923-4444-a421-537ecd63e7fb",
"name" : "https://huntr.dev/bounties/46630727-d923-4444-a421-537ecd63e7fb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/46630727-d923-4444-a421-537ecd63e7fb",
"name" : "https://huntr.dev/bounties/46630727-d923-4444-a421-537ecd63e7fb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sqlpad:sqlpad:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.10.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-15T01:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0945",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/ba45d19e1d77a7eea866dab30eff5da552694891",
"name" : "https://github.com/star7th/showdoc/commit/ba45d19e1d77a7eea866dab30eff5da552694891",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/ba45d19e1d77a7eea866dab30eff5da552694891",
"name" : "https://github.com/star7th/showdoc/commit/ba45d19e1d77a7eea866dab30eff5da552694891",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8702e2bf-4af2-4391-b651-c8c89e7d089e",
"name" : "https://huntr.dev/bounties/8702e2bf-4af2-4391-b651-c8c89e7d089e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/8702e2bf-4af2-4391-b651-c8c89e7d089e",
"name" : "https://huntr.dev/bounties/8702e2bf-4af2-4391-b651-c8c89e7d089e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T04:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0946",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/e5d575928b1371a7e07b09b6592822298335062a",
"name" : "https://github.com/star7th/showdoc/commit/e5d575928b1371a7e07b09b6592822298335062a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/e5d575928b1371a7e07b09b6592822298335062a",
"name" : "https://github.com/star7th/showdoc/commit/e5d575928b1371a7e07b09b6592822298335062a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1f8f0021-396e-428e-9748-dd4e359715e1",
"name" : "https://huntr.dev/bounties/1f8f0021-396e-428e-9748-dd4e359715e1",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1f8f0021-396e-428e-9748-dd4e359715e1",
"name" : "https://huntr.dev/bounties/1f8f0021-396e-428e-9748-dd4e359715e1",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T14:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0947",
"ASSIGNER" : "cybersecurity@ch.abb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-665"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001253&LanguageCode=en&DocumentPartId=&Action=Launch",
"name" : "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001253&LanguageCode=en&DocumentPartId=&Action=Launch",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001253&LanguageCode=en&DocumentPartId=&Action=Launch",
"name" : "https://search.abb.com/library/Download.aspx?DocumentID=2NGA001253&LanguageCode=en&DocumentPartId=&Action=Launch",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arg600a1220na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arg600a1220na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arg600a1230na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arg600a1230na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arg600a1240na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arg600a1240na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arg600a1260na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arg600a1260na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arg600a2622na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arg600a2622na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arg600a2625na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arg600a2625na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arp600a2200na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arp600a2200na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arp600a2220na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arp600a2220na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arp600a2250na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arp600a2250na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arp600a2260na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arp600a2260na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arp600a2651na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arp600a2651na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arp600a2560na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arp600a2560na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3201na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3201na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3202na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3202na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3221na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3221na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3222na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3222na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3251na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3251na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3252na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3252na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3261na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3261na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arr600a3262na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arr600a3262na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arc600a2325na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arc600a2325na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arc600a2323na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arc600a2323na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:arc600a2324na_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:arc600a2324na:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:abb:viola_systems_arctic_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.4.0",
"versionEndIncluding" : "3.4.10",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:abb:viola_systems_arctic:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-10T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0948",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2707223",
"name" : "https://plugins.trac.wordpress.org/changeset/2707223",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2707223",
"name" : "https://plugins.trac.wordpress.org/changeset/2707223",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576",
"name" : "https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576",
"name" : "https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pluginbazaar:order_listener_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0949",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a0fbb79a-e160-49df-9cf2-18ab64ea66cb",
"name" : "https://wpscan.com/vulnerability/a0fbb79a-e160-49df-9cf2-18ab64ea66cb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a0fbb79a-e160-49df-9cf2-18ab64ea66cb",
"name" : "https://wpscan.com/vulnerability/a0fbb79a-e160-49df-9cf2-18ab64ea66cb",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX action, available to unauthenticated users, leading to a SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:stopbadbots:block_and_stop_bad_bots:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "6.930",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0950",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"name" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"name" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/acc23996-bd57-448f-9eb4-05a8a046c2dc",
"name" : "https://huntr.dev/bounties/acc23996-bd57-448f-9eb4-05a8a046c2dc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/acc23996-bd57-448f-9eb4-05a8a046c2dc",
"name" : "https://huntr.dev/bounties/acc23996-bd57-448f-9eb4-05a8a046c2dc",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0951",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"name" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"name" : "https://github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b3a983a3-17f9-4aa8-92d7-8a0c92a93932",
"name" : "https://huntr.dev/bounties/b3a983a3-17f9-4aa8-92d7-8a0c92a93932",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b3a983a3-17f9-4aa8-92d7-8a0c92a93932",
"name" : "https://huntr.dev/bounties/b3a983a3-17f9-4aa8-92d7-8a0c92a93932",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0952",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"name" : "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"name" : "https://wpscan.com/vulnerability/0f694961-afab-44f9-846c-e80a0f6c768b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:sitemap_project:sitemap:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.36",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0953",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/29ab3c7b-58e0-4a72-b7b4-ab12a6d54f5a",
"name" : "https://wpscan.com/vulnerability/29ab3c7b-58e0-4a72-b7b4-ab12a6d54f5a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/29ab3c7b-58e0-4a72-b7b4-ab12a6d54f5a",
"name" : "https://wpscan.com/vulnerability/29ab3c7b-58e0-4a72-b7b4-ab12a6d54f5a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting in browsers which do not encode characters"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:download_anti-malware_security_and_brute-force_firewall_project:download_anti-malware_security_and_brute-force_firewall:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.20.96",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0954",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7",
"name" : "https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7",
"name" : "https://github.com/microweber/microweber/commit/955471c27e671c49e4b012e3b120b004082ac3f7",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26",
"name" : "https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26",
"name" : "https://huntr.dev/bounties/b99517c0-37fc-4efa-ab1a-3591da7f4d26",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in GitHub repository microweber/microweber prior to 1.2.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0955",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/pimcore/data-hub/commit/15d5b57af2466eebd3bbc531ead5dafa35d0a36e",
"name" : "https://github.com/pimcore/data-hub/commit/15d5b57af2466eebd3bbc531ead5dafa35d0a36e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/pimcore/data-hub/commit/15d5b57af2466eebd3bbc531ead5dafa35d0a36e",
"name" : "https://github.com/pimcore/data-hub/commit/15d5b57af2466eebd3bbc531ead5dafa35d0a36e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/708971a6-1e6c-4c51-a411-255caeba51df",
"name" : "https://huntr.dev/bounties/708971a6-1e6c-4c51-a411-255caeba51df",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/708971a6-1e6c-4c51-a411-255caeba51df",
"name" : "https://huntr.dev/bounties/708971a6-1e6c-4c51-a411-255caeba51df",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/data-hub prior to 1.2.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pimcore:data-hub:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-24T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0956",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/56e450c3adf75c707500d7231a78c9fc894c7f13",
"name" : "https://github.com/star7th/showdoc/commit/56e450c3adf75c707500d7231a78c9fc894c7f13",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/56e450c3adf75c707500d7231a78c9fc894c7f13",
"name" : "https://github.com/star7th/showdoc/commit/56e450c3adf75c707500d7231a78c9fc894c7f13",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5b0e3f02-309f-4b59-8020-d7ac0f1999f2",
"name" : "https://huntr.dev/bounties/5b0e3f02-309f-4b59-8020-d7ac0f1999f2",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5b0e3f02-309f-4b59-8020-d7ac0f1999f2",
"name" : "https://huntr.dev/bounties/5b0e3f02-309f-4b59-8020-d7ac0f1999f2",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0957",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/d1c9ed0d77ea5d56f09be0c492361dca8af745bb",
"name" : "https://github.com/star7th/showdoc/commit/d1c9ed0d77ea5d56f09be0c492361dca8af745bb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/d1c9ed0d77ea5d56f09be0c492361dca8af745bb",
"name" : "https://github.com/star7th/showdoc/commit/d1c9ed0d77ea5d56f09be0c492361dca8af745bb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b4918d45-b635-40db-bb4b-34035e1aca21",
"name" : "https://huntr.dev/bounties/b4918d45-b635-40db-bb4b-34035e1aca21",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b4918d45-b635-40db-bb4b-34035e1aca21",
"name" : "https://huntr.dev/bounties/b4918d45-b635-40db-bb4b-34035e1aca21",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.10.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0958",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2679436",
"name" : "https://plugins.trac.wordpress.org/changeset/2679436",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2679436",
"name" : "https://plugins.trac.wordpress.org/changeset/2679436",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/05034521-6eb9-43b9-8f03-7e0de60e3022",
"name" : "https://wpscan.com/vulnerability/05034521-6eb9-43b9-8f03-7e0de60e3022",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/05034521-6eb9-43b9-8f03-7e0de60e3022",
"name" : "https://wpscan.com/vulnerability/05034521-6eb9-43b9-8f03-7e0de60e3022",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mark_posts_project:mark_posts:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.0.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-04T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0959",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-22"
}, {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063759",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063759",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063759",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063759",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is running has permission to write."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:pgadmin:pgadmin_4:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-16T15:15Z",
"lastModifiedDate" : "2025-03-17T16:46Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0960",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/92bc6a83a3a60e01a0d2effb98ab47d8d7eab28f",
"name" : "https://github.com/star7th/showdoc/commit/92bc6a83a3a60e01a0d2effb98ab47d8d7eab28f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/92bc6a83a3a60e01a0d2effb98ab47d8d7eab28f",
"name" : "https://github.com/star7th/showdoc/commit/92bc6a83a3a60e01a0d2effb98ab47d8d7eab28f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/462cd8a7-b1a9-4e93-af71-b56ba1d7ad4e",
"name" : "https://huntr.dev/bounties/462cd8a7-b1a9-4e93-af71-b56ba1d7ad4e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/462cd8a7-b1a9-4e93-af71-b56ba1d7ad4e",
"name" : "https://huntr.dev/bounties/462cd8a7-b1a9-4e93-af71-b56ba1d7ad4e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0961",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/f7acbd075dff4825b35b597b74958de9edce67fc",
"name" : "https://github.com/microweber/microweber/commit/f7acbd075dff4825b35b597b74958de9edce67fc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/f7acbd075dff4825b35b597b74958de9edce67fc",
"name" : "https://github.com/microweber/microweber/commit/f7acbd075dff4825b35b597b74958de9edce67fc",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cdf00e14-38a7-4b6b-9bb4-3a71bf24e436",
"name" : "https://huntr.dev/bounties/cdf00e14-38a7-4b6b-9bb4-3a71bf24e436",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cdf00e14-38a7-4b6b-9bb4-3a71bf24e436",
"name" : "https://huntr.dev/bounties/cdf00e14-38a7-4b6b-9bb4-3a71bf24e436",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The microweber application allows large characters to insert in the input field \"post title\" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0962",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7ebe3e5f-2c86-44de-b83e-2ddb6bbda908",
"name" : "https://huntr.dev/bounties/7ebe3e5f-2c86-44de-b83e-2ddb6bbda908",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7ebe3e5f-2c86-44de-b83e-2ddb6bbda908",
"name" : "https://huntr.dev/bounties/7ebe3e5f-2c86-44de-b83e-2ddb6bbda908",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-14T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0963",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/975fc1d6d3fba598ee550849ceb81af23ce72e08",
"name" : "https://github.com/microweber/microweber/commit/975fc1d6d3fba598ee550849ceb81af23ce72e08",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/975fc1d6d3fba598ee550849ceb81af23ce72e08",
"name" : "https://github.com/microweber/microweber/commit/975fc1d6d3fba598ee550849ceb81af23ce72e08",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c",
"name" : "https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c",
"name" : "https://huntr.dev/bounties/a89a4198-0880-4aa2-8439-a463f39f244c",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted XML Files Leads to Stored XSS in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0964",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dbe39998-8eb7-46ea-997f-7b27f6f16ea0",
"name" : "https://huntr.dev/bounties/dbe39998-8eb7-46ea-997f-7b27f6f16ea0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dbe39998-8eb7-46ea-997f-7b27f6f16ea0",
"name" : "https://huntr.dev/bounties/dbe39998-8eb7-46ea-997f-7b27f6f16ea0",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0965",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d66c88ce-63e2-4515-a429-8e43a42aa347",
"name" : "https://huntr.dev/bounties/d66c88ce-63e2-4515-a429-8e43a42aa347",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d66c88ce-63e2-4515-a429-8e43a42aa347",
"name" : "https://huntr.dev/bounties/d66c88ce-63e2-4515-a429-8e43a42aa347",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva .ofd file upload in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0966",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e06c0d55-00a3-4f82-a009-0310b2e402fe",
"name" : "https://huntr.dev/bounties/e06c0d55-00a3-4f82-a009-0310b2e402fe",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/e06c0d55-00a3-4f82-a009-0310b2e402fe",
"name" : "https://huntr.dev/bounties/e06c0d55-00a3-4f82-a009-0310b2e402fe",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS via File Upload in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.4.10."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.4.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0967",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/167198/Showdoc-2.10.3-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/167198/Showdoc-2.10.3-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/167198/Showdoc-2.10.3-Cross-Site-Scripting.html",
"name" : "http://packetstormsecurity.com/files/167198/Showdoc-2.10.3-Cross-Site-Scripting.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"name" : "https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9dea3c98-7609-480d-902d-149067bd1e2a",
"name" : "https://huntr.dev/bounties/9dea3c98-7609-480d-902d-149067bd1e2a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/9dea3c98-7609-480d-902d-149067bd1e2a",
"name" : "https://huntr.dev/bounties/9dea3c98-7609-480d-902d-149067bd1e2a",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0968",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e",
"name" : "https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e",
"name" : "https://github.com/microweber/microweber/commit/80e39084729a57dfe749626c3b9d35247a14c49e",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e",
"name" : "https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e",
"name" : "https://huntr.dev/bounties/97e36678-11cf-42c6-889c-892d415d9f9e",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The microweber application allows large characters to insert in the input field \"fist & last name\" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-15T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0969",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2695242",
"name" : "https://plugins.trac.wordpress.org/changeset/2695242",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2695242",
"name" : "https://plugins.trac.wordpress.org/changeset/2695242",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/59a7a441-7384-4006-89b4-15345f70fabf",
"name" : "https://wpscan.com/vulnerability/59a7a441-7384-4006-89b4-15345f70fabf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/59a7a441-7384-4006-89b4-15345f70fabf",
"name" : "https://wpscan.com/vulnerability/59a7a441-7384-4006-89b4-15345f70fabf",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Image optimization & Lazy Load by Optimole WordPress plugin before 3.3.2 does not sanitise and escape its \"Lazyload background images for selectors\" settings, which could allow high privilege users such as admin to perform Cross-Site scripting attacks even when the unfiltered_html capability is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vertistudio:image_optimization_\\&_lazy_load_by_optimole:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0970",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/getgrav/grav/commit/f19297d5f70476e7bedae9f2acef6b43615538b8",
"name" : "https://github.com/getgrav/grav/commit/f19297d5f70476e7bedae9f2acef6b43615538b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/getgrav/grav/commit/f19297d5f70476e7bedae9f2acef6b43615538b8",
"name" : "https://github.com/getgrav/grav/commit/f19297d5f70476e7bedae9f2acef6b43615538b8",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dd436c44-cbf4-48ac-8817-3a24872534ec",
"name" : "https://huntr.dev/bounties/dd436c44-cbf4-48ac-8817-3a24872534ec",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/dd436c44-cbf4-48ac-8817-3a24872534ec",
"name" : "https://huntr.dev/bounties/dd436c44-cbf4-48ac-8817-3a24872534ec",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.7.31",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-15T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0971",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1299422",
"name" : "https://crbug.com/1299422",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1299422",
"name" : "https://crbug.com/1299422",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0972",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1301320",
"name" : "https://crbug.com/1301320",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1301320",
"name" : "https://crbug.com/1301320",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0973",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1297498",
"name" : "https://crbug.com/1297498",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1297498",
"name" : "https://crbug.com/1297498",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0974",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1291986",
"name" : "https://crbug.com/1291986",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1291986",
"name" : "https://crbug.com/1291986",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Splitscreen in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0975",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1295411",
"name" : "https://crbug.com/1295411",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1295411",
"name" : "https://crbug.com/1295411",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0976",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1296866",
"name" : "https://crbug.com/1296866",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1296866",
"name" : "https://crbug.com/1296866",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0977",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1299225",
"name" : "https://crbug.com/1299225",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1299225",
"name" : "https://crbug.com/1299225",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Browser UI in Google Chrome on Chrome OS prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.6,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 2.8,
"impactScore" : 6.0
}
},
"publishedDate" : "2022-07-21T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0978",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1299264",
"name" : "https://crbug.com/1299264",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1299264",
"name" : "https://crbug.com/1299264",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-22T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0979",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1302644",
"name" : "https://crbug.com/1302644",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1302644",
"name" : "https://crbug.com/1302644",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-22T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0980",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_15.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1302157",
"name" : "https://crbug.com/1302157",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1302157",
"name" : "https://crbug.com/1302157",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via specific user interactions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.74",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-22T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0981",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2062520",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2062520",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2062520",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2062520",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/quarkusio/quarkus/issues/23269",
"name" : "https://github.com/quarkusio/quarkus/issues/23269",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/quarkusio/quarkus/issues/23269",
"name" : "https://github.com/quarkusio/quarkus/issues/23269",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in Quarkus. The state and potentially associated permissions can leak from one web request to another in RestEasy Reactive. This flaw allows a low-privileged user to perform operations on the database with a different set of privileges than intended."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0982",
"ASSIGNER" : "cve_disclosure@tech.gov.sg"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/xebd/accel-ppp/issues/164",
"name" : "https://github.com/xebd/accel-ppp/issues/164",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://github.com/xebd/accel-ppp/issues/164",
"name" : "https://github.com/xebd/accel-ppp/issues/164",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The telnet_input_char function in opt/src/accel-pppd/cli/telnet.c suffers from a memory corruption vulnerability, whereby user input cmdline_len is copied into a fixed buffer b->buf without any bound checks. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:accel-ppp:accel-ppp:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.12.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0983",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064119",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064119",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064119",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064119",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4GRMWBGHOJMFXMTORECQNULJK7ZJJ6Y/",
"name" : "FEDORA-2022-1c459083df",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4GRMWBGHOJMFXMTORECQNULJK7ZJJ6Y/",
"name" : "FEDORA-2022-1c459083df",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An SQL injection risk was identified in Badges code relating to configuring criteria. Access to the relevant capability was limited to teachers and managers by default."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndExcluding" : "3.9.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.10.0",
"versionEndExcluding" : "3.10.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.6",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0984",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064118",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064118",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064118",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064118",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Users with the capability to configure badge criteria (teachers and managers by default) were able to configure course badges with profile field criteria, which should only be available for site badges."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.9.0",
"versionEndExcluding" : "3.9.13",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.10.0",
"versionEndExcluding" : "3.10.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.6",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-29T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0985",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-863"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064117",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064117",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064117",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064117",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.10.0",
"versionEndExcluding" : "3.10.10",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.11.0",
"versionEndExcluding" : "3.11.6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "3.9.13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-29T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0986",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/hestiacp/hestiacp/commit/fd42196718a6fa7fe17b37fab0933d3cbcb3db0d",
"name" : "https://github.com/hestiacp/hestiacp/commit/fd42196718a6fa7fe17b37fab0933d3cbcb3db0d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/hestiacp/hestiacp/commit/fd42196718a6fa7fe17b37fab0933d3cbcb3db0d",
"name" : "https://github.com/hestiacp/hestiacp/commit/fd42196718a6fa7fe17b37fab0933d3cbcb3db0d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/57635c78-303f-412f-b75a-623df9fa9edd",
"name" : "https://huntr.dev/bounties/57635c78-303f-412f-b75a-623df9fa9edd",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/57635c78-303f-412f-b75a-623df9fa9edd",
"name" : "https://huntr.dev/bounties/57635c78-303f-412f-b75a-623df9fa9edd",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Reflected Cross-site Scripting (XSS) Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.11."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.5.11",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-16T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0987",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064315",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064315",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064315",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064315",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:packagekit_project:packagekit:*:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 3.3,
"baseSeverity" : "LOW"
},
"exploitabilityScore" : 1.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-06-28T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0988",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-319"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-238-03",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-238-03",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-238-03",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-238-03",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Delta Electronics DIAEnergie (Version 1.7.5 and prior) is vulnerable to cleartext transmission as the web application runs by default on HTTP. This could allow an attacker to remotely read transmitted information between the client and product."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:deltaww:diaenergie:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.7.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0989",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a6bfc150-8e3f-4b2d-a6e1-09406af41dd4",
"name" : "https://wpscan.com/vulnerability/a6bfc150-8e3f-4b2d-a6e1-09406af41dd4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a6bfc150-8e3f-4b2d-a6e1-09406af41dd4",
"name" : "https://wpscan.com/vulnerability/a6bfc150-8e3f-4b2d-a6e1-09406af41dd4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:nsthemes:ns_watermark_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.11.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0990",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"name" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"name" : "https://github.com/janeczku/calibre-web/commit/4545f4a20d9ff90b99bbd4e3e34b6de4441d6367",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/31649903-c19c-4dae-aee0-a04b095855c5",
"name" : "https://huntr.dev/bounties/31649903-c19c-4dae-aee0-a04b095855c5",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/31649903-c19c-4dae-aee0-a04b095855c5",
"name" : "https://huntr.dev/bounties/31649903-c19c-4dae-aee0-a04b095855c5",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:janeczku:calibre-web:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "0.6.18",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0991",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-613"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/admidio/admidio/commit/e84e472ebe517e2ff5795c46dc10b5f49dc4d46a",
"name" : "https://github.com/admidio/admidio/commit/e84e472ebe517e2ff5795c46dc10b5f49dc4d46a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/admidio/admidio/commit/e84e472ebe517e2ff5795c46dc10b5f49dc4d46a",
"name" : "https://github.com/admidio/admidio/commit/e84e472ebe517e2ff5795c46dc10b5f49dc4d46a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1c406a4e-15d0-4920-8495-731c48473ba4",
"name" : "https://huntr.dev/bounties/1c406a4e-15d0-4920-8495-731c48473ba4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/1c406a4e-15d0-4920-8495-731c48473ba4",
"name" : "https://huntr.dev/bounties/1c406a4e-15d0-4920-8495-731c48473ba4",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 7.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 4.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-19T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0992",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-306"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2706302",
"name" : "https://plugins.trac.wordpress.org/changeset/2706302",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2706302",
"name" : "https://plugins.trac.wordpress.org/changeset/2706302",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"name" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"name" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e5c6bf7-a653-4571-9566-574d2bb35c4f?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e5c6bf7-a653-4571-9566-574d2bb35c4f?source=cve",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e5c6bf7-a653-4571-9566-574d2bb35c4f?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/6e5c6bf7-a653-4571-9566-574d2bb35c4f?source=cve",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on initial 2FA set-up that allows unauthenticated and unauthorized users to configure 2FA for pending accounts. Upon successful configuration, the attacker is logged in as that user without access to a username/password pair which is the expected first form of authentication. This affects versions up to, and including, 1.2.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siteground:security_optimizer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-19T21:15Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0993",
"ASSIGNER" : "cve-request@wordfence.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-306"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2706302",
"name" : "https://plugins.trac.wordpress.org/changeset/2706302",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2706302",
"name" : "https://plugins.trac.wordpress.org/changeset/2706302",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"name" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"name" : "https://www.wordfence.com/blog/2022/04/critical-authentication-bypass-vulnerability-patched-in-siteground-security-plugin/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e3a5566-eee5-4f71-9c93-e59abf913d04?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e3a5566-eee5-4f71-9c93-e59abf913d04?source=cve",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e3a5566-eee5-4f71-9c93-e59abf913d04?source=cve",
"name" : "https://www.wordfence.com/threat-intel/vulnerabilities/id/8e3a5566-eee5-4f71-9c93-e59abf913d04?source=cve",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows unauthenticated users to log in as administrative users due to missing identity verification on the 2FA back-up code implementation that logs users in upon success. This affects versions up to, and including, 1.2.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:siteground:siteground_security:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.2.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-19T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0994",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e9dd62fc-bb79-4a6b-b99c-60e40f010d7a",
"name" : "https://wpscan.com/vulnerability/e9dd62fc-bb79-4a6b-b99c-60e40f010d7a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e9dd62fc-bb79-4a6b-b99c-60e40f010d7a",
"name" : "https://wpscan.com/vulnerability/e9dd62fc-bb79-4a6b-b99c-60e40f010d7a",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Hummingbird WordPress plugin before 3.3.2 does not sanitise and escape the Config Name, which could allow high privilege users, such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:incsub:hummingbird:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.3.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0995",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html",
"name" : "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html",
"name" : "http://packetstormsecurity.com/files/166770/Linux-watch_queue-Filter-Out-Of-Bounds-Write.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.html",
"name" : "http://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.html",
"name" : "http://packetstormsecurity.com/files/166815/Watch-Queue-Out-Of-Bounds-Write.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063786",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063786",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063786",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2063786",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=93ce93587d36493f2f86921fa79921b3cba63fbb",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220429-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220429-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220429-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220429-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.8",
"versionEndExcluding" : "5.10.106",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.15.29",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0996",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064769",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064769",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064769",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064769",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/389-ds-base",
"name" : "https://github.com/ByteHackr/389-ds-base",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/ByteHackr/389-ds-base",
"name" : "https://github.com/ByteHackr/389-ds-base",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"name" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"name" : "https://lists.debian.org/debian-lts-announce/2023/04/msg00026.html",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QFD7CBBX3IZOSHEWL2EYKRLOEQSXCZ6/",
"name" : "FEDORA-2022-2558f14c58",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QFD7CBBX3IZOSHEWL2EYKRLOEQSXCZ6/",
"name" : "FEDORA-2022-2558f14c58",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYT2IQJFHQWZENJJRY6EJB3XIFZGNT7F/",
"name" : "FEDORA-2022-40544b5314",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PYT2IQJFHQWZENJJRY6EJB3XIFZGNT7F/",
"name" : "FEDORA-2022-40544b5314",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in the 389 Directory Server that allows expired passwords to access the database to cause improper authentication."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:389_directory_server:1.4.0.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0997",
"ASSIGNER" : "security@fidelissecurity.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-276"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"name" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"name" : "https://fidelissecurity.zendesk.com/hc/en-us/articles/6211730139411",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected script files, which could result in arbitrary commands being run as root upon subsequent logon by a root user. The vulnerability is present in Fidelis Network and Deception versions prior to 9.4.5. Patches and updates are available to address this vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fidelissecurity:deception:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.4.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fidelissecurity:network:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "9.4.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-17T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0998",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://www.openwall.com/lists/oss-security/2022/04/02/1",
"name" : "[oss-security] 20220402 Re: [PATCH AUTOSEL 5.15 13/16] vdpa: clean up get_config_size ret value handling",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/04/02/1",
"name" : "[oss-security] 20220402 Re: [PATCH AUTOSEL 5.15 13/16] vdpa: clean up get_config_size ret value handling",
"refsource" : "",
"tags" : [ "Mailing List", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal%40kernel.org/",
"name" : "https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal%40kernel.org/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal%40kernel.org/",
"name" : "https://lore.kernel.org/netdev/20220123001216.2460383-13-sashal%40kernel.org/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220513-0003/",
"name" : "https://security.netapp.com/advisory/ntap-20220513-0003/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220513-0003/",
"name" : "https://security.netapp.com/advisory/ntap-20220513-0003/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a local user to crash or potentially escalate their privileges on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.7",
"versionEndExcluding" : "5.10.88",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.15.11",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-30T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-0999",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-78"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-083-02",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-083-02",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-083-02",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-083-02",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An authenticated user may be able to misuse parameters to inject arbitrary operating system commands into mySCADA myPRO versions 8.25.0 and prior."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:myscada:mypro:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "8.25.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1000",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-22"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/prasathmani/tinyfilemanager/commit/154947ef83efeb68fc2b921065392b6a7fc9c965",
"name" : "https://github.com/prasathmani/tinyfilemanager/commit/154947ef83efeb68fc2b921065392b6a7fc9c965",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/prasathmani/tinyfilemanager/commit/154947ef83efeb68fc2b921065392b6a7fc9c965",
"name" : "https://github.com/prasathmani/tinyfilemanager/commit/154947ef83efeb68fc2b921065392b6a7fc9c965",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5995a93f-0c4b-4f7d-aa59-a64424219424",
"name" : "https://huntr.dev/bounties/5995a93f-0c4b-4f7d-aa59-a64424219424",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/5995a93f-0c4b-4f7d-aa59-a64424219424",
"name" : "https://huntr.dev/bounties/5995a93f-0c4b-4f7d-aa59-a64424219424",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Path Traversal in GitHub repository prasathmani/tinyfilemanager prior to 2.4.7."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:tiny_file_manager_project:tiny_file_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.4.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-17T11:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1001",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2696091",
"name" : "https://plugins.trac.wordpress.org/changeset/2696091",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2696091",
"name" : "https://plugins.trac.wordpress.org/changeset/2696091",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/34a7b3cd-e2b5-4891-ab33-af6a2a0eeceb",
"name" : "https://wpscan.com/vulnerability/34a7b3cd-e2b5-4891-ab33-af6a2a0eeceb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/34a7b3cd-e2b5-4891-ab33-af6a2a0eeceb",
"name" : "https://wpscan.com/vulnerability/34a7b3cd-e2b5-4891-ab33-af6a2a0eeceb",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Downgrade WordPress plugin before 1.2.3 only perform client side validation of its \"WordPress Target Version\" settings, but does not sanitise and escape it server side, allowing high privilege users such as admin to perform Cross-Site attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wp_downgrade_project:wp_downgrade:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1002",
"ASSIGNER" : "responsibledisclosure@mattermost.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://hackerone.com/reports/1443567",
"name" : "https://hackerone.com/reports/1443567",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://hackerone.com/reports/1443567",
"name" : "https://hackerone.com/reports/1443567",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Mattermost 6.3.0 and earlier fails to properly sanitize the HTML content in the email invitation sent to guest users, which allows registered users with special permissions to invite guest users to inject unescaped HTML content in the email invitations."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.4.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1003",
"ASSIGNER" : "responsibledisclosure@mattermost.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://mattermost.com/security-updates/",
"name" : "https://mattermost.com/security-updates/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions, which allows the system administrators to combine the two distinct privileges/capabilities in a way that allows them to override certain restricted configurations like EnableUploads."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.4.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 4.9,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.2,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1004",
"ASSIGNER" : "security@otrs.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-200"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-06/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-06/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://otrs.com/release-notes/otrs-security-advisory-2022-06/",
"name" : "https://otrs.com/release-notes/otrs-security-advisory-2022-06/",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "7.0.0",
"versionEndExcluding" : "7.0.33",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:otrs:otrs:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "8.0.0",
"versionEndExcluding" : "8.0.20",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-21T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1005",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/f37d1d55-10cc-4202-8d16-9ec2128f54f9",
"name" : "https://wpscan.com/vulnerability/f37d1d55-10cc-4202-8d16-9ec2128f54f9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f37d1d55-10cc-4202-8d16-9ec2128f54f9",
"name" : "https://wpscan.com/vulnerability/f37d1d55-10cc-4202-8d16-9ec2128f54f9",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Statistics WordPress plugin before 13.2.2 does not sanitise the REQUEST_URI parameter before outputting it back in the rendered page, leading to Cross-Site Scripting (XSS) in web browsers which do not encode characters"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "13.2.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-08T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1006",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2695427",
"name" : "https://plugins.trac.wordpress.org/changeset/2695427",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2695427",
"name" : "https://plugins.trac.wordpress.org/changeset/2695427",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c5569317-b8c8-4524-8375-3e2369bdcc68",
"name" : "https://wpscan.com/vulnerability/c5569317-b8c8-4524-8375-3e2369bdcc68",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/c5569317-b8c8-4524-8375-3e2369bdcc68",
"name" : "https://wpscan.com/vulnerability/c5569317-b8c8-4524-8375-3e2369bdcc68",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the id parameter when editing Calendars, which could allow high privilege users such as admin to perform SQL injection attacks"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:elbtide:advanced_booking_calendar:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1007",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2695427",
"name" : "https://plugins.trac.wordpress.org/changeset/2695427",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2695427",
"name" : "https://plugins.trac.wordpress.org/changeset/2695427",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6f5b764b-d13b-4371-9cc5-91204d9d6358",
"name" : "https://wpscan.com/vulnerability/6f5b764b-d13b-4371-9cc5-91204d9d6358",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/6f5b764b-d13b-4371-9cc5-91204d9d6358",
"name" : "https://wpscan.com/vulnerability/6f5b764b-d13b-4371-9cc5-91204d9d6358",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the room parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:elbtide:advanced_booking_calendar:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.7.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1008",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2695999",
"name" : "https://plugins.trac.wordpress.org/changeset/2695999",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2695999",
"name" : "https://plugins.trac.wordpress.org/changeset/2695999",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082",
"name" : "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082",
"name" : "https://wpscan.com/vulnerability/0c2e2b4d-49eb-4fd9-b9f0-3feae80c1082",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ocdi:one_click_demo_import:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.1.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1009",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/bb5af08f-bb19-46a1-a7ac-8381f428c11e",
"name" : "https://wpscan.com/vulnerability/bb5af08f-bb19-46a1-a7ac-8381f428c11e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/bb5af08f-bb19-46a1-a7ac-8381f428c11e",
"name" : "https://wpscan.com/vulnerability/bb5af08f-bb19-46a1-a7ac-8381f428c11e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting. For the attack to be successful, an attacker would need an admin to upload a malicious configuration file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpmudev:smush_image_compression_and_optimization:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.9.9",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-30T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1010",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e9e4dfbe-01b2-4003-80ed-db1e45f38b2b",
"name" : "https://wpscan.com/vulnerability/e9e4dfbe-01b2-4003-80ed-db1e45f38b2b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e9e4dfbe-01b2-4003-80ed-db1e45f38b2b",
"name" : "https://wpscan.com/vulnerability/e9e4dfbe-01b2-4003-80ed-db1e45f38b2b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Login using WordPress Users ( WP as SAML IDP ) WordPress plugin before 1.13.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:miniorange:login_using_wordpress_users:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.1.34",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-27T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1011",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064855",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064855",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064855",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064855",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse.git/commit/?h=for-next",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
"name" : "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html",
"name" : "[debian-lts-announce] 20220701 [SECURITY] [DLA 3065-1] linux security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"name" : "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.17",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:developer_tools:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:build_of_quarkus:2.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:redhat:codeready_linux_builder:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.1.3:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1012",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-401"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064604",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064604",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064604",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2064604",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/lkml/20220427065233.2075-1-w%401wt.eu/T/",
"name" : "https://lore.kernel.org/lkml/20220427065233.2075-1-w%401wt.eu/T/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lore.kernel.org/lkml/20220427065233.2075-1-w%401wt.eu/T/",
"name" : "https://lore.kernel.org/lkml/20220427065233.2075-1-w%401wt.eu/T/",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221020-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20221020-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221020-0006/",
"name" : "https://security.netapp.com/advisory/ntap-20221020-0006/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This flaw may allow an attacker to information leak and may cause a denial of service problem."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc4:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:rc5:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.18",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 8.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 4.2
}
},
"publishedDate" : "2022-08-05T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1013",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d",
"name" : "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d",
"name" : "https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:ays-pro:personal_dictionary:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1014",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/eb9e202d-04aa-4343-86a2-4aa2edaa7f6b",
"name" : "https://wpscan.com/vulnerability/eb9e202d-04aa-4343-86a2-4aa2edaa7f6b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/eb9e202d-04aa-4343-86a2-4aa2edaa7f6b",
"name" : "https://wpscan.com/vulnerability/eb9e202d-04aa-4343-86a2-4aa2edaa7f6b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Contacts Manager WordPress plugin through 2.2.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:labarta:wp_contacts_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.2.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-23T08:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1015",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"name" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"name" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html",
"name" : "http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html",
"name" : "http://packetstormsecurity.com/files/169951/Kernel-Live-Patch-Security-Notice-LSN-0090-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/08/25/2",
"name" : "[oss-security] 20220825 Re: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2022/08/25/2",
"name" : "[oss-security] 20220825 Re: Linux kernel: CVE-2022-1015,CVE-2022-1016 in nf_tables cause privilege escalation, information leak",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2023/01/13/2",
"name" : "[oss-security] 20230113 CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2023/01/13/2",
"name" : "[oss-security] 20230113 CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2023/02/23/1",
"name" : "[oss-security] 20230223 Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "http://www.openwall.com/lists/oss-security/2023/02/23/1",
"name" : "[oss-security] 20230223 Re: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065323",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065323",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065323",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065323",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://seclists.org/oss-sec/2022/q1/205",
"name" : "https://seclists.org/oss-sec/2022/q1/205",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://seclists.org/oss-sec/2022/q1/205",
"name" : "https://seclists.org/oss-sec/2022/q1/205",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to cause an out-of-bounds write issue."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.16.18",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "HIGH",
"baseScore" : 6.6,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 4.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-29T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1016",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-909"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"name" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"name" : "http://blog.dbouman.nl/2022/04/02/How-The-Tables-Have-Turned-CVE-2022-1015-1016/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-1016",
"name" : "https://access.redhat.com/security/cve/CVE-2022-1016",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-1016",
"name" : "https://access.redhat.com/security/cve/CVE-2022-1016",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066614",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066614",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066614",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066614",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://seclists.org/oss-sec/2022/q1/205",
"name" : "https://seclists.org/oss-sec/2022/q1/205",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://seclists.org/oss-sec/2022/q1/205",
"name" : "https://seclists.org/oss-sec/2022/q1/205",
"refsource" : "",
"tags" : [ "Exploit", "Mailing List", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:3.13:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "3.13",
"versionEndIncluding" : "5.17",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1018",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-611"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-01",
"refsource" : "",
"tags" : [ "Mitigation", "Patch", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "When opening a malicious solution file provided by an attacker, the application suffers from an XML external entity vulnerability due to an unsafe call within a dynamic link library file. An attacker could exploit this to pass data from local files to a remote web server, leading to a loss of confidentiality."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:rockwellautomation:isagraf:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "6.6.9",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:rockwellautomation:connected_components_workbench:*:*:*:*:-:*:*:*",
"versionEndIncluding" : "12.0",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:rockwellautomation:safety_instrumented_systems_workstation:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1019",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.corporate.carrier.com/Images/CARR-PSA-ALC-WebCTRL-001-1121_tcm558-149395.pdf",
"name" : "https://www.corporate.carrier.com/Images/CARR-PSA-ALC-WebCTRL-001-1121_tcm558-149395.pdf",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
}, {
"url" : "https://www.corporate.carrier.com/Images/CARR-PSA-ALC-WebCTRL-001-1121_tcm558-149395.pdf",
"name" : "https://www.corporate.carrier.com/Images/CARR-PSA-ALC-WebCTRL-001-1121_tcm558-149395.pdf",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Automated Logic's WebCtrl Server Version 6.1 'Help' index pages are vulnerable to open redirection. The vulnerability allows an attacker to send a maliciously crafted URL which could result in redirecting the user to a malicious webpage or downloading a malicious file."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:automatedlogic:webctrl_server:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "7.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-19T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1020",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5",
"name" : "https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5",
"name" : "https://wpscan.com/vulnerability/04fe89b3-8ad1-482f-a96d-759d1d3a0dd5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Product Table for WooCommerce (wooproducttable) WordPress plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:codeastrology:woo_product_table:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.1.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1021",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chatwoot/chatwoot/commit/24b20c10cebd25e61de8d4266c63fde94772e889",
"name" : "https://github.com/chatwoot/chatwoot/commit/24b20c10cebd25e61de8d4266c63fde94772e889",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chatwoot/chatwoot/commit/24b20c10cebd25e61de8d4266c63fde94772e889",
"name" : "https://github.com/chatwoot/chatwoot/commit/24b20c10cebd25e61de8d4266c63fde94772e889",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a8187478-75e1-4d62-b894-651269401ca3",
"name" : "https://huntr.dev/bounties/a8187478-75e1-4d62-b894-651269401ca3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a8187478-75e1-4d62-b894-651269401ca3",
"name" : "https://huntr.dev/bounties/a8187478-75e1-4d62-b894-651269401ca3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chatwoot:chatwoot:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-08-19T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1022",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/chatwoot/chatwoot/commit/27ddd77a1b621f503fe89a436a49f44b0b1204b5",
"name" : "https://github.com/chatwoot/chatwoot/commit/27ddd77a1b621f503fe89a436a49f44b0b1204b5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/chatwoot/chatwoot/commit/27ddd77a1b621f503fe89a436a49f44b0b1204b5",
"name" : "https://github.com/chatwoot/chatwoot/commit/27ddd77a1b621f503fe89a436a49f44b0b1204b5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2e4ac6b5-7357-415d-9633-65c636b20e94",
"name" : "https://huntr.dev/bounties/2e4ac6b5-7357-415d-9633-65c636b20e94",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2e4ac6b5-7357-415d-9633-65c636b20e94",
"name" : "https://huntr.dev/bounties/2e4ac6b5-7357-415d-9633-65c636b20e94",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:chatwoot:chatwoot:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-21T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1023",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://plugins.trac.wordpress.org/changeset/2696254",
"name" : "https://plugins.trac.wordpress.org/changeset/2696254",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://plugins.trac.wordpress.org/changeset/2696254",
"name" : "https://plugins.trac.wordpress.org/changeset/2696254",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/163069cd-98a8-4cfb-8b58-a6727a7d5c48",
"name" : "https://wpscan.com/vulnerability/163069cd-98a8-4cfb-8b58-a6727a7d5c48",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/163069cd-98a8-4cfb-8b58-a6727a7d5c48",
"name" : "https://wpscan.com/vulnerability/163069cd-98a8-4cfb-8b58-a6727a7d5c48",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Podcast Importer SecondLine WordPress plugin before 1.3.8 does not sanitise and properly escape some imported data, which could allow SQL injection attacks to be performed by imported a malicious podcast file"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:secondlinethemes:podcast_importer_secondline:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.3.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1024",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1025",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2f5v-8r3f-8pww",
"name" : "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2f5v-8r3f-8pww",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2f5v-8r3f-8pww",
"name" : "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2f5v-8r3f-8pww",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "0.5.0",
"versionEndIncluding" : "2.1.12",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.3.0",
"versionEndIncluding" : "2.3.1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:argoproj:argo_cd:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.2.0",
"versionEndIncluding" : "2.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-07-12T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1026",
"ASSIGNER" : "cve@rapid7.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-522"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
"name" : "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
"name" : "https://www.kyoceradocumentsolutions.com/en/our-business/security/information/2022-04-04.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
"name" : "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
"name" : "https://www.rapid7.com/blog/post/2022/03/29/cve-2022-1026-kyocera-net-view-address-book-exposure/",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:kyocera:net_viewer:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2s0_1000.005.0012s5_2000.002.505",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 8.6,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 4.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1027",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9dbb0d6d-bc84-4b85-8aa5-fa2a8e6fa5e3",
"name" : "https://wpscan.com/vulnerability/9dbb0d6d-bc84-4b85-8aa5-fa2a8e6fa5e3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9dbb0d6d-bc84-4b85-8aa5-fa2a8e6fa5e3",
"name" : "https://wpscan.com/vulnerability/9dbb0d6d-bc84-4b85-8aa5-fa2a8e6fa5e3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross-Site Scripting that will only affect administrator users."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:minioragne:page_restriction:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.2.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1028",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/16fc08ec-8476-4f3c-93ea-6a51ed880dd5",
"name" : "https://wpscan.com/vulnerability/16fc08ec-8476-4f3c-93ea-6a51ed880dd5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/16fc08ec-8476-4f3c-93ea-6a51ed880dd5",
"name" : "https://wpscan.com/vulnerability/16fc08ec-8476-4f3c-93ea-6a51ed880dd5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WordPress Security Firewall, Malware Scanner, Secure Login and Backup plugin before 4.2.1 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:miniorange:wordpress_security:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-27T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1029",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/0e74eeb4-89e2-4873-904f-ad4f25c4a8ba",
"name" : "https://wpscan.com/vulnerability/0e74eeb4-89e2-4873-904f-ad4f25c4a8ba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/0e74eeb4-89e2-4873-904f-ad4f25c4a8ba",
"name" : "https://wpscan.com/vulnerability/0e74eeb4-89e2-4873-904f-ad4f25c4a8ba",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Limit Login Attempts WordPress plugin before 4.0.72 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:miniorange:limit_login_attempts:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.0.72",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-27T09:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1030",
"ASSIGNER" : "psirt@okta.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-78"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030",
"name" : "https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030",
"name" : "https://trust.okta.com/security-advisories/okta-advanced-server-access-client-cve-2022-1030",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:okta:advanced_server_access:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.58.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.3
},
"severity" : "HIGH",
"exploitabilityScore" : 8.6,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-23T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1031",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/a7ce29647fcb38386d7439696375e16e093d6acb",
"name" : "https://github.com/radareorg/radare2/commit/a7ce29647fcb38386d7439696375e16e093d6acb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/a7ce29647fcb38386d7439696375e16e093d6acb",
"name" : "https://github.com/radareorg/radare2/commit/a7ce29647fcb38386d7439696375e16e093d6acb",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/37da2cd6-0b46-4878-a32e-acbfd8f6f457",
"name" : "https://huntr.dev/bounties/37da2cd6-0b46-4878-a32e-acbfd8f6f457",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/37da2cd6-0b46-4878-a32e-acbfd8f6f457",
"name" : "https://huntr.dev/bounties/37da2cd6-0b46-4878-a32e-acbfd8f6f457",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 prior to 5.6.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-22T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1032",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-502"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5",
"name" : "https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5",
"name" : "https://github.com/crater-invoice/crater/commit/7cde971f8b79579951df98384a5210d25f698af5",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622",
"name" : "https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622",
"name" : "https://huntr.dev/bounties/cb9a0393-be34-4021-a06c-00c7791c7622",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Insecure deserialization of not validated module file in GitHub repository crater-invoice/crater prior to 6.0.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1033",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/crater-invoice/crater/commit/88035ea49082f7053a37ef07bf3587e09d9d22b4",
"name" : "https://github.com/crater-invoice/crater/commit/88035ea49082f7053a37ef07bf3587e09d9d22b4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/crater-invoice/crater/commit/88035ea49082f7053a37ef07bf3587e09d9d22b4",
"name" : "https://github.com/crater-invoice/crater/commit/88035ea49082f7053a37ef07bf3587e09d9d22b4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4d7d4fc9-e0cf-42d3-b89c-6ea57a769045",
"name" : "https://huntr.dev/bounties/4d7d4fc9-e0cf-42d3-b89c-6ea57a769045",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4d7d4fc9-e0cf-42d3-b89c-6ea57a769045",
"name" : "https://huntr.dev/bounties/4d7d4fc9-e0cf-42d3-b89c-6ea57a769045",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:craterapp:crater:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.0.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-23T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1034",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-434"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/star7th/showdoc/commit/bd792a89c0325836fbd64784f4c4117c0171416b",
"name" : "https://github.com/star7th/showdoc/commit/bd792a89c0325836fbd64784f4c4117c0171416b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/star7th/showdoc/commit/bd792a89c0325836fbd64784f4c4117c0171416b",
"name" : "https://github.com/star7th/showdoc/commit/bd792a89c0325836fbd64784f4c4117c0171416b",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d205c489-3266-4ac4-acb7-c8ee570887f7",
"name" : "https://huntr.dev/bounties/d205c489-3266-4ac4-acb7-c8ee570887f7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/d205c489-3266-4ac4-acb7-c8ee570887f7",
"name" : "https://huntr.dev/bounties/d205c489-3266-4ac4-acb7-c8ee570887f7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:showdoc:showdoc:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.10.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-22T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1035",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243",
"name" : "https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243",
"name" : "https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b",
"name" : "https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b",
"name" : "https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5411",
"name" : "DSA-5411",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://www.debian.org/security/2023/dsa-5411",
"name" : "DSA-5411",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpac prior to 2.1.0-DEV."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-21T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1036",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-190"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/microweber/microweber/commit/82be4f0b4729be870ccefdae99a04833f134aa6a",
"name" : "https://github.com/microweber/microweber/commit/82be4f0b4729be870ccefdae99a04833f134aa6a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/microweber/microweber/commit/82be4f0b4729be870ccefdae99a04833f134aa6a",
"name" : "https://github.com/microweber/microweber/commit/82be4f0b4729be870ccefdae99a04833f134aa6a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/db615581-d5a9-4ca5-a3e9-7a39eceaa424",
"name" : "https://huntr.dev/bounties/db615581-d5a9-4ca5-a3e9-7a39eceaa424",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/db615581-d5a9-4ca5-a3e9-7a39eceaa424",
"name" : "https://huntr.dev/bounties/db615581-d5a9-4ca5-a3e9-7a39eceaa424",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Able to create an account with long password leads to memory corruption / Integer Overflow in GitHub repository microweber/microweber prior to 1.2.12."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.12",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-22T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1037",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/bd8555bd-8086-41d0-a1f7-3557bc3af957",
"name" : "https://wpscan.com/vulnerability/bd8555bd-8086-41d0-a1f7-3557bc3af957",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/bd8555bd-8086-41d0-a1f7-3557bc3af957",
"name" : "https://wpscan.com/vulnerability/bd8555bd-8086-41d0-a1f7-3557bc3af957",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The EXMAGE WordPress plugin before 1.0.7 does to ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:villatheme:exmage:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.0.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.2,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1038",
"ASSIGNER" : "hp-security-alert@hp.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791",
"name" : "https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791",
"name" : "https://support.hp.com/us-en/document/ish_6189329-6189528-16/hpsbhf03791",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A potential security vulnerability has been identified in the HP Jumpstart software, which might allow escalation of privilege. HP is recommending that customers uninstall HP Jumpstart and use myHP software."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:hp:jumpstart:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:15-f200_notebook_pc_touch:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:240_g5_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:240_g6_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:240_g7_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:245_g6_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:245_g7_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:250_g5_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:250_g6_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:255_g5_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:255_g6_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:255_g7_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:258_g7_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:260_g3_desktop_mini:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:260_g3_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:280_g3_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:280_g3_pci_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:288_pro_g3_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:290_g1_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:340_g5_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:convertible_x360_11-ab0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:convertible_x360_11-ab1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elite_x2_1012_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elite_x2_1012_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elite_x2_1013_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_1030_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_1040_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_1040_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_1050_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_725_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_725_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_735_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_745_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_745_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_755_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_755_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_755_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_820_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_820_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_828_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_828_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_830_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_836_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_840_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_840_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_840_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_840_g5_healthcare_edition:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_840r_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_846_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_848_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_848_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_850_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_850_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_850_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_folio_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_revolve_810_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_x360_1020_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_x360_1030_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_x360_1030_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitebook_x360_1040_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_705_g2_mt_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_705_g3_desktop_mini:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_705_g3_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_705_g3_sff_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_705_g4_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_35w_g2_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_35w_g3_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_65w_g2_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_65w_g3_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_65w_g4_desktop_mini_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_g2_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_g2_twr:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_g3_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_g3_tower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_g4_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_800_g4_tower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_880_g2_tower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_880_g3_tower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:elitedesk_880_g4_tower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:eliteone_1000_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:eliteone_1000_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:eliteone_800_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:eliteone_800_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:eliteone_800_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:engage_flex_pro-c_retail_system:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:engage_go_mobile_system:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:engage_one_aio_system:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_13-ad0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_13-ad1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_13-ah0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_13-ah1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_13-aq0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17-ae0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17-ae1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17-bw0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17-ce0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17m-ae0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17m-ae1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17m-bw0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_laptop_17m-ce0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_notebook_13-d1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_notebook_15-as0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_notebook_15-as1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_notebook_17-s1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_notebook_17-u1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_notebook_17-u2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x2_detachable_12-g0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_13-ag0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_13-ar0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_13-y0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_13m-ag0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_13m-ar0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-aq0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-aq1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-aq2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-ar0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-bq0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-bq1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-bq2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-cn0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-cn1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-cp0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-dr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-ds0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15-w2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15m-bq0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15m-bq1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15m-cn0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15m-cp0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15m-dr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_15m-ds0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_m6-ar0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_pc_15-bp000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_pc_15-bp1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_pc_15m-bp0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:envy_x360_convertible_pc_15m-bp1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bp0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bp1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bs0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bs1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bs2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bs5xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bs6xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-bw0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-cf0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-cf1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-ck0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-ck1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-cm0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-cm1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-di0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-di1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-dk0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-dq0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-ma0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14-ma1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-br0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-br1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-br2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-bx0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-cr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-cr1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-cx0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14g-cx1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-bu0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-bu1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-bu2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-by0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-cs0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-cs1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-cy0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14q-cy1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-bc0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-bc1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-be0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-be1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-bp0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-bp1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-cf0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-cf1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-cr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-cr1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-cs0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-cs1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-dk0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-dm0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-dp0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-dq0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-dr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_14s-dy0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bs0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bs1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bs2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bs5xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bs6xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bs7xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bw0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bw5xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-bw6xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-da0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-da1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-db0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-db1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-di0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-di1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-dw0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-dy0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-ra0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15-ra1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-br0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-br1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-bx0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-dr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-dr1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-dx0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15g-dx1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-bu0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-bu1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-by0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-ds0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-ds1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-dy0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15q-dy1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15s-dr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15s-du0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15s-dy0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15s-fq0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15s-fr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_15s-fy0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-ak0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-bs0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-bs1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-by0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-by1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-ca0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17-ca1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17g-br0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17g-br1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17g-cr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17g-cr1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17q-bu0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17q-bu1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17q-cs0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:laptop_17q-cs1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-am0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-am1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-an0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-aq0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-aq1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-ar0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-ar1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-as0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_14-au0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-ba0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-ba1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-bf0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-bf1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-bg0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-bg1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_15-f3xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-ac0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-ac1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-ad0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-ad1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-x0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-x1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_17-y0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-ay0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-ay1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-ay5xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-bd0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-bd1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-be0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:notebook_pc_15-be1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-ax0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-ax1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-ax2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-ce0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-ce1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-dc0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-dg0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_15-dh0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-an0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-an1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-ap0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-cb0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-w0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-w1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:omen_17-w2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_14_g1_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_15-bc000_notebook_pc_series:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_15-bc000_notebook_pc_series_\\(touch\\):-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_15-bc500_laptop:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_17-ab000_notebook_pc_series_\\(touch\\):-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_gaming_laptop_15-cx0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_gaming_laptop_15-dk0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_gaming_laptop_17-cd0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_13-an0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-bf0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-bf1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-bf6xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-bk0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-bk1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-ce0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-ce1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_14-ce2xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cc0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cc1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cc5xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cc6xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cc7xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cd0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-ck0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cs0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cs1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cs2xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cu0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cu1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cw0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_15-cw1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_laptop_17-ar0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_14-al0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_14-al1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_14-av0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-au0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-au1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-aw1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-bc2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-bc3xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-bc4xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_15-dp0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_17-ab0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_17-ab2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_17-ab3xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_17-ab4xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_17-g1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_notebook_17-g2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_power_laptop_15-cb0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_14_g1_convertible_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11-ad0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11-ad1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11-ap0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11-u0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11-u1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11m-ad0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11m-ad1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_11m-ap0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_13-u0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_13-u1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14-ba0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14-ba1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14-ba2xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14-cc0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14-cc1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14-dh0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14m-ba0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14m-ba1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14m-dh0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14q-cd0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14q-cd1xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_14q-dh0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_15-bk0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_15-bk1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_15-br0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_15-br1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_15-cr0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_15-dq0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_m1-u0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_m1-u1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pavilion_x360_convertible_m3-s000:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pro_tablet_608_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pro_x2_612_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:pro_x2_612_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_11_g2:-:*:*:*:education:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_430_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_430_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_430_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_430_g6:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_440_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_440_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_440_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_440_g6:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_445_g6:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_446_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_450_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_450_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_450_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_450_g6:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_455_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_455_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_455_g6:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_470_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_470_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_470_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_640_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_640_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_640_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_645_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_645_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_645_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_650_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_650_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_650_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_655_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_655_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_x360_11_g1:-:*:*:*:education:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_x360_11_g2:-:*:*:*:education:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_x360_11_g3_education_edition:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:probook_x360_440_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g2_dm:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g3_dm:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g3_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g4_dm:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g4_microtower:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g4_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_400_g5_microtower:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_480_g4_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_480_g5_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_600_g2_dm:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_600_g2_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_600_g2_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_600_g3_desktop_mini:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_600_g3_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_600_g3_sff:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_680_g2_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_680_g3_microtower_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:prodesk_680_g4_microtower_pc\\(with_pci_slot\\):-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:proone_400_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:proone_440_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:proone_480_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:proone_600_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:proone_600_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:proone_600_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_folio_convertible_13-ak0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_laptop_13-af0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_laptop_13-af1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_notebook_13-v0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_notebook_13-v1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_pro_13_g1_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_pro_x360_g2_convertible_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x2_detachable_12-c0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_13-42xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_13-ac0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_13-ae0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_13-ap0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_13-w0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_15-ap0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_15-bl0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_15-bl1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_15-ch0xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:spectre_x360_convertible_15-df0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_11_pro_g3_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_11_pro_g4:-:*:*:*:education:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_11_pro_g4_notebook_pc:-:*:*:*:education:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_11_pro_g5_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_14-ax000_laptop_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_14_pro_notebook_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_laptop_11-ak0xxx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:stream_laptop_11-y1xx:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:vr_backpack_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:x360_310_g2_convertible_pc:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_14u_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15u_g3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15u_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_15v_g5_mobile_workstation:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_17_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_17_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_studio_g4:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_studio_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zbook_studio_x360_g5:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_66_pro_13_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_66_pro_14_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_66_pro_15_g2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_66_pro_a_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_66_pro_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_86_pro_g1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:hp:zhan_99_g1_mobile_workstation:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-12-12T13:15Z",
"lastModifiedDate" : "2025-04-29T05:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1039",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-521"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-104-03",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The weak password on the web user interface can be exploited via HTTP or HTTPS. Once such access has been obtained, the other passwords can be changed. The weak password on Linux accounts can be accessed via SSH or Telnet, the former of which is by default enabled on trusted interfaces. While the SSH service does not support root login, a user logging in using either of the other Linux accounts may elevate to root access using the su command if they have access to the associated password."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redlion:da50n_firmware:*:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:redlion:da50n:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 10.0
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-20T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1040",
"ASSIGNER" : "security-alert@sophos.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-noinfo"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html",
"name" : "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html",
"name" : "http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.exploit-db.com/exploits/51006",
"name" : "https://www.exploit-db.com/exploits/51006",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.exploit-db.com/exploits/51006",
"name" : "https://www.exploit-db.com/exploits/51006",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce",
"name" : "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "18.5.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T12:15Z",
"lastModifiedDate" : "2025-03-13T16:36Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1041",
"ASSIGNER" : "vulnerabilities@zephyrproject.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38",
"name" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38",
"name" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-26T05:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1042",
"ASSIGNER" : "vulnerabilities@zephyrproject.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x",
"name" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x",
"name" : "http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "ADJACENT_NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-26T05:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1043",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.html",
"name" : "http://packetstormsecurity.com/files/170834/io_uring-Same-Type-Object-Reuse-Privilege-Escalation.html",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-1043",
"name" : "https://access.redhat.com/security/cve/CVE-2022-1043",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://access.redhat.com/security/cve/CVE-2022-1043",
"name" : "https://access.redhat.com/security/cve/CVE-2022-1043",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1997328",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1997328",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1997328",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1997328",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14",
"name" : "https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14",
"name" : "https://github.com/torvalds/linux/commit/a30f895ad3239f45012e860d4f94c1a388b36d14",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-362/",
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-22-362/",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-22-362/",
"name" : "https://www.zerodayinitiative.com/advisories/ZDI-22-362/",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.10.51",
"versionEndExcluding" : "5.10.61",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.13.13",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.0,
"impactScore" : 6.0
}
},
"publishedDate" : "2022-08-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1044",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-922"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/polonel/trudesk/commit/097b4823935c4fa524e71ab2dd107cf2056922b0",
"name" : "https://github.com/polonel/trudesk/commit/097b4823935c4fa524e71ab2dd107cf2056922b0",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/polonel/trudesk/commit/097b4823935c4fa524e71ab2dd107cf2056922b0",
"name" : "https://github.com/polonel/trudesk/commit/097b4823935c4fa524e71ab2dd107cf2056922b0",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ff878be9-563a-4d0e-99c1-fc3c767f6d3e",
"name" : "https://huntr.dev/bounties/ff878be9-563a-4d0e-99c1-fc3c767f6d3e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/ff878be9-563a-4d0e-99c1-fc3c767f6d3e",
"name" : "https://huntr.dev/bounties/ff878be9-563a-4d0e-99c1-fc3c767f6d3e",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:trudesk_project:trudesk:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-12T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1045",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/polonel/trudesk/commit/c4b262c2613d4a8865de0b3252112544bd81997a",
"name" : "https://github.com/polonel/trudesk/commit/c4b262c2613d4a8865de0b3252112544bd81997a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/polonel/trudesk/commit/c4b262c2613d4a8865de0b3252112544bd81997a",
"name" : "https://github.com/polonel/trudesk/commit/c4b262c2613d4a8865de0b3252112544bd81997a",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b0c4f992-4ac8-4479-82f4-367ed1a2a826",
"name" : "https://huntr.dev/bounties/b0c4f992-4ac8-4479-82f4-367ed1a2a826",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/b0c4f992-4ac8-4479-82f4-367ed1a2a826",
"name" : "https://huntr.dev/bounties/b0c4f992-4ac8-4479-82f4-367ed1a2a826",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:trudesk_project:trudesk:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-11T07:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1046",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/a1ae4512-0b5b-4f36-8334-14633bf24758",
"name" : "https://wpscan.com/vulnerability/a1ae4512-0b5b-4f36-8334-14633bf24758",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/a1ae4512-0b5b-4f36-8334-14633bf24758",
"name" : "https://wpscan.com/vulnerability/a1ae4512-0b5b-4f36-8334-14633bf24758",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Visual Form Builder WordPress plugin before 3.0.7 does not sanitise and escape the form's 'Email to' field , which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "3.0.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-02T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1047",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/078bd5f6-64f7-4665-825b-9fd0c2b7b91b",
"name" : "https://wpscan.com/vulnerability/078bd5f6-64f7-4665-825b-9fd0c2b7b91b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/078bd5f6-64f7-4665-825b-9fd0c2b7b91b",
"name" : "https://wpscan.com/vulnerability/078bd5f6-64f7-4665-825b-9fd0c2b7b91b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Themify Post Type Builder Search Addon WordPress plugin before 1.4.0 does not properly escape the current page URL before reusing it in a HTML attribute, leading to a reflected cross site scripting vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:themify:post_type_builder_search_addon:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.4.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1048",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-362"
}, {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066706",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066706",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066706",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2066706",
"refsource" : "",
"tags" : [ "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3",
"name" : "https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3",
"refsource" : "",
"tags" : [ "Mailing List", "Patch" ]
}, {
"url" : "https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3",
"name" : "https://lore.kernel.org/lkml/20220322170720.3529-5-tiwai%40suse.de/T/#m1d3b791b815556012c6be92f1c4a7086b854f7f3",
"refsource" : "",
"tags" : [ "Mailing List", "Patch" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220629-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220629-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220629-0001/",
"name" : "https://security.netapp.com/advisory/ntap-20220629-0001/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5127",
"name" : "DSA-5127",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5127",
"name" : "DSA-5127",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5173",
"name" : "DSA-5173",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "2.6.12",
"versionEndExcluding" : "4.14.279",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.15",
"versionEndExcluding" : "4.19.243",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "4.20",
"versionEndExcluding" : "5.4.193",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.5",
"versionEndExcluding" : "5.10.109",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.11",
"versionEndExcluding" : "5.15.32",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.16",
"versionEndExcluding" : "5.16.18",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "HIGH",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.0,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.0,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 6.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-29T16:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1049",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5",
"name" : "https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5",
"name" : "https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00017.html",
"name" : "[debian-lts-announce] 20220914 [SECURITY] [DLA 3108-1] pcs security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2022/09/msg00017.html",
"name" : "[debian-lts-announce] 20220914 [SECURITY] [DLA 3108-1] pcs security update",
"refsource" : "",
"tags" : [ "Mailing List", "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5226",
"name" : "DSA-5226",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.debian.org/security/2022/dsa-5226",
"name" : "DSA-5226",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "0.11.2",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1050",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2069625",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2069625",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2069625",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2069625",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html",
"name" : "[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.debian.org/debian-lts-announce/2023/03/msg00013.html",
"name" : "[debian-lts-announce] 20230314 [SECURITY] [DLA 3362-1] qemu security update",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands when shared buffers are not yet allocated, potentially leading to a use-after-free condition."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "2.20.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.0,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1051",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/cb2fa587-da2f-460e-a402-225df7744765",
"name" : "https://wpscan.com/vulnerability/cb2fa587-da2f-460e-a402-225df7744765",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/cb2fa587-da2f-460e-a402-225df7744765",
"name" : "https://wpscan.com/vulnerability/cb2fa587-da2f-460e-a402-225df7744765",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the city, phone or profile credentials fields when outputting it in the profile page, allowing any authenticated user to perform Cross-Site Scripting attacks."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1052",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/0052500c1ed5bf8263b26b9fd7773dbdc6f170c4",
"name" : "https://github.com/radareorg/radare2/commit/0052500c1ed5bf8263b26b9fd7773dbdc6f170c4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/0052500c1ed5bf8263b26b9fd7773dbdc6f170c4",
"name" : "https://github.com/radareorg/radare2/commit/0052500c1ed5bf8263b26b9fd7773dbdc6f170c4",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3b3b7f77-ab8d-4de3-999b-eeec0a3eebe7",
"name" : "https://huntr.dev/bounties/3b3b7f77-ab8d-4de3-999b-eeec0a3eebe7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/3b3b7f77-ab8d-4de3-999b-eeec0a3eebe7",
"name" : "https://huntr.dev/bounties/3b3b7f77-ab8d-4de3-999b-eeec0a3eebe7",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap Buffer Overflow in iterate_chained_fixups in GitHub repository radareorg/radare2 prior to 5.6.6."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.6",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 2.1
},
"severity" : "LOW",
"exploitabilityScore" : 3.9,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-24T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1053",
"ASSIGNER" : "secalert@redhat.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065024%2C",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065024%2C",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065024%2C",
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2065024%2C",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://github.com/keylime/keylime/commit/bd5de712acdd77860e7dc58969181e16c7a8dc5d",
"name" : "https://github.com/keylime/keylime/commit/bd5de712acdd77860e7dc58969181e16c7a8dc5d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/keylime/keylime/commit/bd5de712acdd77860e7dc58969181e16c7a8dc5d",
"name" : "https://github.com/keylime/keylime/commit/bd5de712acdd77860e7dc58969181e16c7a8dc5d",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/keylime/keylime/security/advisories/GHSA-jf66-3q76-h5p5%2C",
"name" : "https://github.com/keylime/keylime/security/advisories/GHSA-jf66-3q76-h5p5%2C",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://github.com/keylime/keylime/security/advisories/GHSA-jf66-3q76-h5p5%2C",
"name" : "https://github.com/keylime/keylime/security/advisories/GHSA-jf66-3q76-h5p5%2C",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WAKVXM7L5D2DUACV6EHA6EJNAX2GVL/",
"name" : "FEDORA-2022-748fda10e7",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A7WAKVXM7L5D2DUACV6EHA6EJNAX2GVL/",
"name" : "FEDORA-2022-748fda10e7",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RF6QHU4UGSBATC3HOOE7OP66CYVTR7CV/",
"name" : "FEDORA-2022-f9ace23a78",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RF6QHU4UGSBATC3HOOE7OP66CYVTR7CV/",
"name" : "FEDORA-2022-f9ace23a78",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEW2PAXO5YGLDLPG45YV2OPLJXJSCECQ/",
"name" : "FEDORA-2022-7c9173843a",
"refsource" : "",
"tags" : [ ]
}, {
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WEW2PAXO5YGLDLPG45YV2OPLJXJSCECQ/",
"name" : "FEDORA-2022-7c9173843a",
"refsource" : "",
"tags" : [ ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Keylime does not enforce that the agent registrar data is the same when the tenant uses it for validation of the EK and identity quote and the verifier for validating the integrity quote. This allows an attacker to use one AK, EK pair from a real TPM to pass EK validation and give the verifier an AK of a software TPM. A successful attack breaks the entire chain of trust because a not validated AK is used by the verifier. This issue is worse if the validation happens first and then the agent gets added to the verifier because the timing is easier and the verifier does not validate the regcount entry being equal to 1,"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:keylime:keylime:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.4.0",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-06T17:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1054",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d",
"name" : "https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d",
"name" : "https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and email address of user registered for events"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpchill:rsvp_and_event_management:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.7.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 3.9,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1055",
"ASSIGNER" : "security@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"name" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"name" : "http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"name" : "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"name" : "https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"name" : "https://kernel.dance/#04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0007/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0007/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20220506-0007/",
"name" : "https://security.netapp.com/advisory/ntap-20220506-0007/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc",
"name" : "https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc",
"name" : "https://syzkaller.appspot.com/bug?id=2212474c958978ab86525fe6832ac8102c309ffc",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "5.1",
"versionEndExcluding" : "5.17",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.6
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1056",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-125"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/391",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/391",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/issues/391",
"name" : "https://gitlab.com/libtiff/libtiff/-/issues/391",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/307",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/307",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/307",
"name" : "https://gitlab.com/libtiff/libtiff/-/merge_requests/307",
"refsource" : "",
"tags" : [ "Issue Tracking", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202210-10",
"name" : "GLSA-202210-10",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"name" : "https://security.netapp.com/advisory/ntap-20221228-0008/",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:libtiff:libtiff:4.3.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-28T19:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1057",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243",
"name" : "https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243",
"name" : "https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:varktech:pricing_deals_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "2.0.2.02",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-07-11T13:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1058",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-601"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/go-gitea/gitea/commit/e3d8e92bdc67562783de9a76b5b7842b68daeb48",
"name" : "https://github.com/go-gitea/gitea/commit/e3d8e92bdc67562783de9a76b5b7842b68daeb48",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/go-gitea/gitea/commit/e3d8e92bdc67562783de9a76b5b7842b68daeb48",
"name" : "https://github.com/go-gitea/gitea/commit/e3d8e92bdc67562783de9a76b5b7842b68daeb48",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d",
"name" : "https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d",
"name" : "https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitea:gitea:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.16.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 5.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-24T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1059",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aethon:tug_home_base_server:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "24",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2022-10-21T16:15Z",
"lastModifiedDate" : "2025-04-17T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1061",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/radareorg/radare2/commit/d4ce40b516ffd70cf2e9e36832d8de139117d522",
"name" : "https://github.com/radareorg/radare2/commit/d4ce40b516ffd70cf2e9e36832d8de139117d522",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/radareorg/radare2/commit/d4ce40b516ffd70cf2e9e36832d8de139117d522",
"name" : "https://github.com/radareorg/radare2/commit/d4ce40b516ffd70cf2e9e36832d8de139117d522",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a7546dae-01c5-4fb0-8a8e-c04ea4e9bac7",
"name" : "https://huntr.dev/bounties/a7546dae-01c5-4fb0-8a8e-c04ea4e9bac7",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/a7546dae-01c5-4fb0-8a8e-c04ea4e9bac7",
"name" : "https://huntr.dev/bounties/a7546dae-01c5-4fb0-8a8e-c04ea4e9bac7",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Heap Buffer Overflow in parseDragons in GitHub repository radareorg/radare2 prior to 5.6.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.6.8",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-24T10:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1062",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e770ba87-95d2-40c9-89cc-5d7390e9cbb0",
"name" : "https://wpscan.com/vulnerability/e770ba87-95d2-40c9-89cc-5d7390e9cbb0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e770ba87-95d2-40c9-89cc-5d7390e9cbb0",
"name" : "https://wpscan.com/vulnerability/e770ba87-95d2-40c9-89cc-5d7390e9cbb0",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The th23 Social WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:th23:th23_social:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.2.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1063",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/f90c528b-8c3a-4f9a-aa36-099c24abe082",
"name" : "https://wpscan.com/vulnerability/f90c528b-8c3a-4f9a-aa36-099c24abe082",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/f90c528b-8c3a-4f9a-aa36-099c24abe082",
"name" : "https://wpscan.com/vulnerability/f90c528b-8c3a-4f9a-aa36-099c24abe082",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Thank Me Later WordPress plugin through 3.3.4 does not sanitise and escape the Message Subject field before outputting it in the Messages list, which could allow high privileges users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:thank_me_later_project:thank_me_later:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "3.3.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1064",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069",
"name" : "https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069",
"name" : "https://github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40",
"name" : "https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40",
"name" : "https://huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "5.11.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-25T12:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1065",
"ASSIGNER" : "vulnerability@ncsc.ch"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.redguard.ch/advisories/abacus_mfa_bypass.txt",
"name" : "https://www.redguard.ch/advisories/abacus_mfa_bypass.txt",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://www.redguard.ch/advisories/abacus_mfa_bypass.txt",
"name" : "https://www.redguard.ch/advisories/abacus_mfa_bypass.txt",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability within the authentication process of Abacus ERP allows a remote attacker to bypass the second authentication factor. This issue affects: Abacus ERP v2022 versions prior to R1 of 2022-01-15; v2021 versions prior to R4 of 2022-01-15; v2020 versions prior to R6 of 2022-01-15; v2019 versions later than R5 (service pack); v2018 versions later than R5 (service pack). This issue does not affect: Abacus ERP v2019 versions prior to R5 of 2020-03-15; v2018 versions prior to R7 of 2020-04-15; v2017 version and prior versions and prior versions."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:abacus:abacus_erp_2018:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "r7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:abacus:abacus_erp_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding" : "r5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:abacus:abacus_erp_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "r1",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:abacus:abacus_erp_2020:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "r6",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:abacus:abacus_erp_2021:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "r4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 9.0
},
"severity" : "HIGH",
"exploitabilityScore" : 8.0,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-19T08:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1066",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aethon:tug_home_base_server:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "24",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "HIGH",
"availabilityImpact" : "NONE",
"baseScore" : 8.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 4.2
}
},
"publishedDate" : "2022-10-21T16:15Z",
"lastModifiedDate" : "2025-04-17T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1067",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-095-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-095-01",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-095-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsma-22-095-01",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Navigating to a specific URL with a patient ID number will result in the server generating a PDF of a lab report without authentication and rate limiting."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lifepoint:patient_portal:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "lpi_3.5.12.p30",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-11T20:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1068",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-787"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-04",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-04",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-04",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-088-04",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:modbustools:modbus_slave:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "7.4.3",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1069",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
"name" : "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
"name" : "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.html",
"refsource" : "",
"tags" : [ "Mitigation", "Vendor Advisory" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A crafted HTTP packet with a large content-length header can create a denial-of-service condition in Softing Secure Integration Server V1.22."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:softing:edgeaggregator:3.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:softing:secure_integration_server:1.22:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:softing:edgeconnector:3.1:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:softing:opc:5.2:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:softing:opc_ua_c\\+\\+_software_development_kit:6:*:*:*:*:*:*:*",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:softing:uagates:1.74:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-08-17T21:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1070",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-102-05",
"refsource" : "",
"tags" : [ "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Aethon TUG Home Base Server versions prior to version 24 are affected by un unauthenticated attacker who can freely access hashed user credentials."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:aethon:tug_home_base_server:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "24",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "HIGH",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.1,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.2,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-10-21T16:15Z",
"lastModifiedDate" : "2025-04-17T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1071",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f",
"name" : "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f",
"name" : "https://github.com/mruby/mruby/commit/aaa28a508903041dd7399d4159a8ace9766b022f",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3",
"name" : "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3",
"name" : "https://huntr.dev/bounties/6597ece9-07af-415b-809b-919ce0a17cf3",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "User after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.2,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.5,
"impactScore" : 6.0
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.8
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-26T04:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1072",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26254. Reason: This candidate is a reservation duplicate of CVE-2022-26254. Notes: All CVE users should reference CVE-2022-26254 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ ]
},
"impact" : { },
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2023-11-07T03:41Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1073",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-640"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194839",
"name" : "https://vuldb.com/?id.194839",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.194839",
"name" : "https://vuldb.com/?id.194839",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:automatic_question_paper_generator_system_project:automatic_question_paper_generator_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1074",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194845",
"name" : "https://vuldb.com/?id.194845",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.194845",
"name" : "https://vuldb.com/?id.194845",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input HTML Injection
in the WiFi settings of the dashboard leads to html injection."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:tem:flex-1085_firmware:1.6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:tem:flex-1085:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1075",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194846",
"name" : "https://vuldb.com/?id.194846",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.194846",
"name" : "https://vuldb.com/?id.194846",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.ht",
"name" : "https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.ht",
"refsource" : "",
"tags" : [ "Broken Link", "Product" ]
}, {
"url" : "https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.ht",
"name" : "https://www.sourcecodester.com/php/15203/college-website-content-management-system-phpoop-free-source-code.ht",
"refsource" : "",
"tags" : [ "Broken Link", "Product" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=save_contact of the component Contact Handler. The manipulation leads to persistent cross site scripting. The attack may be launched remotely and requires authentication."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:college_website_management_system_project:college_website_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1076",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194847",
"name" : "https://vuldb.com/?id.194847",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.194847",
"name" : "https://vuldb.com/?id.194847",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. It is possible to initiate the attack remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:automatic_question_paper_generator_system_project:automatic_question_paper_generator_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1077",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-425"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194848",
"name" : "https://vuldb.com/?id.194848",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.194848",
"name" : "https://vuldb.com/?id.194848",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disclosure of hardware information. The attack can be initiated remotely and does not require any form of authentication."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:tem:flex-1085_firmware:1.6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:tem:flex-1085:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:tem:flex-1080_firmware:1.6.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:tem:flex-1080:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 5.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1078",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194856",
"name" : "https://vuldb.com/?id.194856",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.194856",
"name" : "https://vuldb.com/?id.194856",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/view_article/. The manipulation of the argument id with the input ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc with an unknown input leads to sql injection. It is possible to launch the attack remotely and without authentication."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:college_website_management_system_project:college_website_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1079",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.195426",
"name" : "https://vuldb.com/?id.195426",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195426",
"name" : "https://vuldb.com/?id.195426",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability classified as problematic has been found in SourceCodester One Church Management System. Affected are multiple files and parameters which are prone to to cross site scripting. It is possible to launch the attack remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:one_church_management_system_project:one_church_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1080",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.195442",
"name" : "https://vuldb.com/?id.195442",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195442",
"name" : "https://vuldb.com/?id.195442",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the argument search2 leads to sql injection. The attack can be initiated remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:one_church_management_system_project:one_church_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1081",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.195640",
"name" : "https://vuldb.com/?id.195640",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195640",
"name" : "https://vuldb.com/?id.195640",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulation of the argument first_name, middle_name, and surname leads to cross site scripting. The attack can be initiated remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microfinance_management_system_project:microfinance_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1082",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.195641",
"name" : "https://vuldb.com/?id.195641",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195641",
"name" : "https://vuldb.com/?id.195641",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the argument username/password with the input '||1=1# leads to sql injection. The attack may be initiated remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microfinance_management_system_project:microfinance_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1083",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-89"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.195642",
"name" : "https://vuldb.com/?id.195642",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195642",
"name" : "https://vuldb.com/?id.195642",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_number with the input ' and (select * from(select(sleep(10)))Avx) and 'abc' = 'abc leads to sql injection in multiple files. It is possible to launch the attack remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:microfinance_management_system_project:microfinance_management_system:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1084",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.195643",
"name" : "https://vuldb.com/?id.195643",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195643",
"name" : "https://vuldb.com/?id.195643",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php. The manipulation leads to authentication bypass. The attack can be launched remotely."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:one_church_management_system_project:one_church_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 7.5
},
"severity" : "HIGH",
"exploitabilityScore" : 10.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1085",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?id.194857",
"name" : "https://vuldb.com/?id.194857",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?id.194857",
"name" : "https://vuldb.com/?id.194857",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:cltphp:cltphp:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "6.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1086",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/xiahao90/CVEproject/blob/main/DolphinPHPV1.5.0_xss.md",
"name" : "https://github.com/xiahao90/CVEproject/blob/main/DolphinPHPV1.5.0_xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/xiahao90/CVEproject/blob/main/DolphinPHPV1.5.0_xss.md",
"name" : "https://github.com/xiahao90/CVEproject/blob/main/DolphinPHPV1.5.0_xss.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195368",
"name" : "https://vuldb.com/?id.195368",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195368",
"name" : "https://vuldb.com/?id.195368",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:dolphinphp_project:dolphinphp:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "1.5.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1087",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-79"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/liaojia-99/project/blob/main/htmly/1.md",
"name" : "https://github.com/liaojia-99/project/blob/main/htmly/1.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/liaojia-99/project/blob/main/htmly/1.md",
"name" : "https://github.com/liaojia-99/project/blob/main/htmly/1.md",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/liaojia-99/project/tree/main/htmly",
"name" : "https://github.com/liaojia-99/project/tree/main/htmly",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://github.com/liaojia-99/project/tree/main/htmly",
"name" : "https://github.com/liaojia-99/project/tree/main/htmly",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://vuldb.com/?id.195203",
"name" : "https://vuldb.com/?id.195203",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?id.195203",
"name" : "https://vuldb.com/?id.195203",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability, which was classified as problematic, has been found in htmly 5.3 whis affects the component Edit Profile Module. The manipulation of the field Title with script tags leads to persistent cross site scripting. The attack may be initiated remotely and requires an authentication. A simple POC has been disclosed to the public and may be used."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:htmly:htmly:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 5.4,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.3,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-03-29T06:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1088",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/e86d456d-7a54-43e8-acf1-0b6a0a8bb41b",
"name" : "https://wpscan.com/vulnerability/e86d456d-7a54-43e8-acf1-0b6a0a8bb41b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/e86d456d-7a54-43e8-acf1-0b6a0a8bb41b",
"name" : "https://wpscan.com/vulnerability/e86d456d-7a54-43e8-acf1-0b6a0a8bb41b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Page Security & Membership WordPress plugin through 1.5.15 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:contextureintl:page_security_\\&_membership:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.5.15",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1089",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/75a9fd23-7fa9-4cb1-a55b-ec5deae5d6fa",
"name" : "https://wpscan.com/vulnerability/75a9fd23-7fa9-4cb1-a55b-ec5deae5d6fa",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/75a9fd23-7fa9-4cb1-a55b-ec5deae5d6fa",
"name" : "https://wpscan.com/vulnerability/75a9fd23-7fa9-4cb1-a55b-ec5deae5d6fa",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:wpsheeteditor:bulk_edit_and_create_user_profiles_-_wp_sheet_editor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.5.14",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1090",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3993fa42-b4c3-462b-b568-0a08fe112c19",
"name" : "https://wpscan.com/vulnerability/3993fa42-b4c3-462b-b568-0a08fe112c19",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3993fa42-b4c3-462b-b568-0a08fe112c19",
"name" : "https://wpscan.com/vulnerability/3993fa42-b4c3-462b-b568-0a08fe112c19",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Good & Bad Comments WordPress plugin through 1.0.0 does not sanitise and escape its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:good-bad-comments_project:good-bad-comments:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "1.0.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1091",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/10up/safe-svg/pull/28",
"name" : "https://github.com/10up/safe-svg/pull/28",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/10up/safe-svg/pull/28",
"name" : "https://github.com/10up/safe-svg/pull/28",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4d12533e-bdb7-411f-bcdf-4c5046db13f3",
"name" : "https://wpscan.com/vulnerability/4d12533e-bdb7-411f-bcdf-4c5046db13f3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4d12533e-bdb7-411f-bcdf-4c5046db13f3",
"name" : "https://wpscan.com/vulnerability/4d12533e-bdb7-411f-bcdf-4c5046db13f3",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The sanitisation step of the Safe SVG WordPress plugin before 1.9.10 can be bypassed by spoofing the content-type in the POST request to upload a file. Exploiting this vulnerability, an attacker will be able to perform the kinds of attacks that this plugin should prevent (mainly XSS, but depending on further use of uploaded SVG files potentially other XML attacks)."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:10up:safe_svg:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.9.10",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 4.3
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.6,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-18T18:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1092",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-352"
}, {
"lang" : "en",
"value" : "CWE-862"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"name" : "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"name" : "https://wpscan.com/vulnerability/95759d5c-8802-4493-b7e5-7f2bc546af61",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The myCred WordPress plugin before 2.4.3.1 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and and retrieve the list of email address present in the blog"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mycred:mycred:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "2.4.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1093",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/57017050-811e-474d-8256-33d19d4c0553",
"name" : "https://wpscan.com/vulnerability/57017050-811e-474d-8256-33d19d4c0553",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/57017050-811e-474d-8256-33d19d4c0553",
"name" : "https://wpscan.com/vulnerability/57017050-811e-474d-8256-33d19d4c0553",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The WP Meta SEO WordPress plugin before 4.4.7 does not sanitise or escape the breadcrumb separator before outputting it to the page, allowing a high privilege user such as an administrator to inject arbitrary javascript into the page even when unfiltered html is disallowed."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:joomunited:wp_meta_seo:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.4.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-23T08:16Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1094",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/3c03816b-e381-481c-b9f5-63d0c24ff329",
"name" : "https://wpscan.com/vulnerability/3c03816b-e381-481c-b9f5-63d0c24ff329",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/3c03816b-e381-481c-b9f5-63d0c24ff329",
"name" : "https://wpscan.com/vulnerability/3c03816b-e381-481c-b9f5-63d0c24ff329",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:anmari:amr_users:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "4.59.4",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-25T16:16Z",
"lastModifiedDate" : "2025-05-05T17:17Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1095",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/bf476a3e-05ba-4b54-8a65-3d261ad5337b",
"name" : "https://wpscan.com/vulnerability/bf476a3e-05ba-4b54-8a65-3d261ad5337b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/bf476a3e-05ba-4b54-8a65-3d261ad5337b",
"name" : "https://wpscan.com/vulnerability/bf476a3e-05ba-4b54-8a65-3d261ad5337b",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Mihdan: No External Links WordPress plugin before 5.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mihdan\\:_no_external_links_project:mihdan\\:_no_external_links:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "5.0.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-06-27T09:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1096",
"ASSIGNER" : "chrome-cve-admin@google.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-843"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html",
"name" : "https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop_25.html",
"refsource" : "",
"tags" : [ "Release Notes", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1309225",
"name" : "https://crbug.com/1309225",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://crbug.com/1309225",
"name" : "https://crbug.com/1309225",
"refsource" : "",
"tags" : [ "Permissions Required", "Vendor Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://security.gentoo.org/glsa/202208-25",
"name" : "GLSA-202208-25",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Type confusion in V8 in Google Chrome prior to 99.0.4844.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0.4844.84",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
}
},
"publishedDate" : "2022-07-23T00:15Z",
"lastModifiedDate" : "2025-02-19T19:39Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1097",
"ASSIGNER" : "security@mozilla.org"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1745667",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1745667",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1745667",
"name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1745667",
"refsource" : "",
"tags" : [ "Exploit", "Issue Tracking", "Patch", "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-13/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-13/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-13/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-13/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-14/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-14/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-14/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-14/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-15/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-15/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://www.mozilla.org/security/advisories/mfsa2022-15/",
"name" : "https://www.mozilla.org/security/advisories/mfsa2022-15/",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "NSSToken objects were referenced via direct points, and could have been accessed in an unsafe way on different threads, leading to a use-after-free and potentially exploitable crash. This vulnerability affects Thunderbird < 91.8, Firefox < 99, and Firefox ESR < 91.8."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "91.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "91.8",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "99.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 6.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 3.6
}
},
"publishedDate" : "2022-12-22T20:15Z",
"lastModifiedDate" : "2025-04-16T16:15Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1098",
"ASSIGNER" : "ics-cert@hq.dhs.gov"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-427"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
}, {
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"name" : "https://www.cisa.gov/uscert/ics/advisories/icsa-22-081-01",
"refsource" : "",
"tags" : [ "Mitigation", "Third Party Advisory", "US Government Resource" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Delta Electronics DIAEnergie (all versions prior to 1.8.02.004) are vulnerable to a DLL hijacking condition. When combined with the Incorrect Default Permissions vulnerability of 4.2.2 above, this makes it possible for an attacker to escalate privileges"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:deltaww:diaenergie:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "1.8.02.004",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 7.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 1.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"accessVector" : "LOCAL",
"accessComplexity" : "MEDIUM",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.4,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-04-01T23:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1099",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-400"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1099.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1099.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1099.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1099.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/328593",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/328593",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/328593",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/328593",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "Adding a very large number of tags to a runner in GitLab CE/EE affecting all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to impact the performance of GitLab"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "LOW",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T20:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1100",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-772"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1100.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1100.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1100.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1100.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/273771",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/273771",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/273771",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/273771",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions from 13.1 prior to 14.7.7, 14.8.0 prior to 14.8.5, and 14.9.0 prior to 14.9.2. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "13.1.0",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "13.1.0",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "LOW",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T20:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1101",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-287"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?ctiid.195785",
"name" : "https://vuldb.com/?ctiid.195785",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?ctiid.195785",
"name" : "https://vuldb.com/?ctiid.195785",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?id.195785",
"name" : "https://vuldb.com/?id.195785",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?id.195785",
"name" : "https://vuldb.com/?id.195785",
"refsource" : "",
"tags" : [ "Third Party Advisory", "VDB Entry" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability was found in SourceCodester Royale Event Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /royal_event/userregister.php. The manipulation leads to improper authentication. The attack may be initiated remotely. The identifier VDB-195785 was assigned to this vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:event_management_system_project:event_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 9.8,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.9
}
},
"publishedDate" : "2023-01-07T22:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1102",
"ASSIGNER" : "cna@vuldb.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://vuldb.com/?ctiid.195786",
"name" : "https://vuldb.com/?ctiid.195786",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?ctiid.195786",
"name" : "https://vuldb.com/?ctiid.195786",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?id.195786",
"name" : "https://vuldb.com/?id.195786",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://vuldb.com/?id.195786",
"name" : "https://vuldb.com/?id.195786",
"refsource" : "",
"tags" : [ "Permissions Required", "Third Party Advisory", "VDB Entry" ]
}, {
"url" : "https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html?",
"name" : "https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html?",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
}, {
"url" : "https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html?",
"name" : "https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html?",
"refsource" : "",
"tags" : [ "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A vulnerability classified as problematic has been found in SourceCodester Royale Event Management System 1.0. Affected is an unknown function of the file /royal_event/companyprofile.php. The manipulation of the argument companyname/regno/companyaddress/companyemail leads to cross site scripting. It is possible to launch the attack remotely. VDB-195786 is the identifier assigned to this vulnerability."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:event_management_system_project:event_management_system:1.0:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 6.1,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 2.7
}
},
"publishedDate" : "2023-01-07T22:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1103",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18",
"name" : "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18",
"name" : "https://wpscan.com/vulnerability/9ddeef95-7c7f-4296-a55b-fd3304c91c18",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:advanced_uploader_project:advanced_uploader:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding" : "4.2",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 8.8,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 2.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.5
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 6.4,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-16T15:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1104",
"ASSIGNER" : "contact@wpscan.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://wpscan.com/vulnerability/4d4709f3-ad38-4519-a24a-73bc04b20e52",
"name" : "https://wpscan.com/vulnerability/4d4709f3-ad38-4519-a24a-73bc04b20e52",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
}, {
"url" : "https://wpscan.com/vulnerability/4d4709f3-ad38-4519-a24a-73bc04b20e52",
"name" : "https://wpscan.com/vulnerability/4d4709f3-ad38-4519-a24a-73bc04b20e52",
"refsource" : "",
"tags" : [ "Exploit", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "The Popup Maker WordPress plugin before 1.16.5 does not sanitise and escape some of its Popup settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:code-atlantic:popup_maker:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding" : "1.16.5",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "REQUIRED",
"scope" : "CHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "LOW",
"availabilityImpact" : "NONE",
"baseScore" : 4.8,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.7,
"impactScore" : 2.7
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "MEDIUM",
"authentication" : "SINGLE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "PARTIAL",
"availabilityImpact" : "NONE",
"baseScore" : 3.5
},
"severity" : "LOW",
"exploitabilityScore" : 6.8,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : true
}
},
"publishedDate" : "2022-05-09T17:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1105",
"ASSIGNER" : "cve@gitlab.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "NVD-CWE-Other"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1105.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1105.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1105.json",
"name" : "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1105.json",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/335933",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/335933",
"refsource" : "",
"tags" : [ "Broken Link" ]
}, {
"url" : "https://gitlab.com/gitlab-org/gitlab/-/issues/335933",
"name" : "https://gitlab.com/gitlab-org/gitlab/-/issues/335933",
"refsource" : "",
"tags" : [ "Broken Link" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an unauthorized user to access pipeline analytics even when public pipelines are disabled"
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.9.0",
"versionEndExcluding" : "14.9.2",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "14.8.0",
"versionEndExcluding" : "14.8.5",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding" : "13.11.0",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
}, {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding" : "13.11.0",
"versionEndExcluding" : "14.7.7",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "LOW",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.3,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 2.8,
"impactScore" : 1.4
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "SINGLE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "NONE",
"baseScore" : 4.0
},
"severity" : "MEDIUM",
"exploitabilityScore" : 8.0,
"impactScore" : 2.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-04T20:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1106",
"ASSIGNER" : "security@huntr.dev"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-416"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c",
"name" : "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c",
"name" : "https://github.com/mruby/mruby/commit/7f5a490d09f4d56801ac3a3e4e39e03e1471b44c",
"refsource" : "",
"tags" : [ "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"name" : "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
}, {
"url" : "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"name" : "https://huntr.dev/bounties/16b9d0ea-71ed-41bc-8a88-2deb4c20be8f",
"refsource" : "",
"tags" : [ "Exploit", "Patch", "Third Party Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "use after free in mrb_vm_exec in GitHub repository mruby/mruby prior to 3.2."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:mruby:mruby:*:*:*:*:*:*:*:*",
"versionEndIncluding" : "3.1",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 9.1,
"baseSeverity" : "CRITICAL"
},
"exploitabilityScore" : 3.9,
"impactScore" : 5.2
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"accessVector" : "NETWORK",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "PARTIAL",
"integrityImpact" : "NONE",
"availabilityImpact" : "PARTIAL",
"baseScore" : 6.4
},
"severity" : "MEDIUM",
"exploitabilityScore" : 10.0,
"impactScore" : 4.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-03-27T14:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1107",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
}, {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "During an internal product security audit a potential vulnerability due to use of Boot Services in the SmmOEMInt15 SMI handler was discovered in some ThinkPad models could be exploited by an attacker with elevated privileges that could allow for execution of code."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_11e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n15et78w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_11e:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_helix_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n17eta8w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_helix:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_l560_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1het85w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_l560:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_l570_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1xet65w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_l570:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_p50s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1ket46w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_p50s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_p51s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1vet50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_p51s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_p52s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n27et36w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_p52s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_s540_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "gpet80ww",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_s540:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_t550_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n11et50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_t550:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_t560_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1ket46w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_t560:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_t570_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1vet50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_t570:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_t580_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n27et36w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_t580:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_tablet_gen_1_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1let86w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_tablet_gen_1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_tablet_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1oet50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_tablet_gen_2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_w540_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "gnet92ww",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_w540:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_w541_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "gnet92ww",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_w541:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_w550s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n11et50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_w550s:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_carbon_3rd_gen_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n14et52w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_carbon_3rd_gen:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_carbon_4th_gen_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1fet70w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_carbon_4th_gen:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_carbon_5th_gen_kabylake_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1met55w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_carbon_5th_gen_kabylake:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_carbon_5th_gen_skylake_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1met55w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_carbon_5th_gen_skylake:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_yoga_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1fet70w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_yoga:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_yoga_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1net47w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_2:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_yoga_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n25et50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_yoga_gen_3:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x250_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n10et58w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x250:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x280_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n20et44w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x280:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x390_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n2let60w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x390:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_11e_yoga_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n15et78w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_11e_yoga:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_yoga_15_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n19et61w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_yoga_15:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
}, {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_yoga_260_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n1get98w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_yoga_260:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-22T21:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1108",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-20"
}, {
"lang" : "en",
"value" : "CWE-269"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-84943",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A potential vulnerability due to improper buffer validation in the SMI handler LenovoFlashDeviceInterface in Thinkpad X1 Fold Gen 1 could be exploited by an attacker with local access and elevated privileges to execute arbitrary code."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "AND",
"children" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:o:lenovo:thinkpad_x1_fold_gen_1_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "n2pet50w",
"cpe_name" : [ ]
} ]
}, {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : false,
"cpe23Uri" : "cpe:2.3:h:lenovo:thinkpad_x1_fold_gen_1:-:*:*:*:*:*:*:*",
"cpe_name" : [ ]
} ]
} ],
"cpe_match" : [ ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "HIGH",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "HIGH",
"integrityImpact" : "HIGH",
"availabilityImpact" : "HIGH",
"baseScore" : 6.7,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 0.8,
"impactScore" : 5.9
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "COMPLETE",
"integrityImpact" : "COMPLETE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 7.2
},
"severity" : "HIGH",
"exploitabilityScore" : 3.9,
"impactScore" : 10.0,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-04-22T21:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1109",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-276"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://iknow.lenovo.com.cn/detail/dc_204380.html",
"name" : "https://iknow.lenovo.com.cn/detail/dc_204380.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
}, {
"url" : "https://iknow.lenovo.com.cn/detail/dc_204380.html",
"name" : "https://iknow.lenovo.com.cn/detail/dc_204380.html",
"refsource" : "",
"tags" : [ "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "An incorrect default permissions vulnerability in Lenovo Leyun cloud music application could allow denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:leyun:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "6.8.21.99",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "NETWORK",
"attackComplexity" : "LOW",
"privilegesRequired" : "NONE",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 7.5,
"baseSeverity" : "HIGH"
},
"exploitabilityScore" : 3.9,
"impactScore" : 3.6
}
},
"publishedDate" : "2023-01-20T20:15Z",
"lastModifiedDate" : "2024-11-21T06:40Z"
}, {
"cve" : {
"data_type" : "CVE",
"data_format" : "MITRE",
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2022-1110",
"ASSIGNER" : "psirt@lenovo.com"
},
"problemtype" : {
"problemtype_data" : [ {
"description" : [ {
"lang" : "en",
"value" : "CWE-120"
} ]
} ]
},
"references" : {
"reference_data" : [ {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-79452",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-79452",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
}, {
"url" : "https://support.lenovo.com/us/en/product_security/LEN-79452",
"name" : "https://support.lenovo.com/us/en/product_security/LEN-79452",
"refsource" : "",
"tags" : [ "Patch", "Vendor Advisory" ]
} ]
},
"description" : {
"description_data" : [ {
"lang" : "en",
"value" : "A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service."
} ]
}
},
"configurations" : {
"CVE_data_version" : "4.0",
"nodes" : [ {
"operator" : "OR",
"children" : [ ],
"cpe_match" : [ {
"vulnerable" : true,
"cpe23Uri" : "cpe:2.3:a:lenovo:smart_standby_driver:*:*:*:*:*:*:*:*",
"versionEndExcluding" : "4.1.50.0",
"cpe_name" : [ ]
} ]
} ]
},
"impact" : {
"baseMetricV3" : {
"cvssV3" : {
"version" : "3.1",
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector" : "LOCAL",
"attackComplexity" : "LOW",
"privilegesRequired" : "LOW",
"userInteraction" : "NONE",
"scope" : "UNCHANGED",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "HIGH",
"baseScore" : 5.5,
"baseSeverity" : "MEDIUM"
},
"exploitabilityScore" : 1.8,
"impactScore" : 3.6
},
"baseMetricV2" : {
"cvssV2" : {
"version" : "2.0",
"vectorString" : "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"accessVector" : "LOCAL",
"accessComplexity" : "LOW",
"authentication" : "NONE",
"confidentialityImpact" : "NONE",
"integrityImpact" : "NONE",
"availabilityImpact" : "COMPLETE",
"baseScore" : 4.9
},
"severity" : "MEDIUM",
"exploitabilityScore" : 3.9,
"impactScore" : 6.9,
"acInsufInfo" : false,
"obtainAllPrivilege" : false,
"obtainUserPrivilege" : false,
"obtainOtherPrivilege" : false,
"userInteractionRequired" : false
}
},
"publishedDate" : "2022-05-18T16:15Z",
"lastModifiedDate