-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-01-02T21:00:25.062653+00:00
- Loading branch information
1 parent
d8f9638
commit 6f35bba
Showing
74 changed files
with
2,149 additions
and
2,366 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2015-10128", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-01-02T14:15:07.810", | ||
| "lastModified": "2024-01-02T14:15:07.810", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-01-02T19:36:26.333", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2017-20188", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-01-02T15:15:08.377", | ||
| "lastModified": "2024-01-02T15:15:08.377", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-01-02T19:36:26.333", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,8 +2,8 @@ | |
| "id": "CVE-2018-25097", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-01-02T16:15:11.100", | ||
| "lastModified": "2024-01-02T16:15:11.100", | ||
| "vulnStatus": "Received", | ||
| "lastModified": "2024-01-02T19:36:26.333", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2021-42083", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2023-07-10T16:15:47.690", | ||
| "lastModified": "2023-07-13T23:11:28.007", | ||
| "vulnStatus": "Analyzed", | ||
| "lastModified": "2024-01-02T19:15:09.030", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "An authenticated attacker is able to create alerts that trigger a stored XSS attack.\u00a0" | ||
| "value": "An authenticated attacker is able to create alerts that trigger a stored XSS attack." | ||
| } | ||
| ], | ||
| "metrics": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2022-0564", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-02-21T18:15:08.873", | ||
| "lastModified": "2023-11-07T03:41:23.860", | ||
| "lastModified": "2024-01-02T19:15:09.177", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured.\n\n" | ||
| "value": "A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -37,7 +37,7 @@ | |
| "impactScore": 1.4 | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
|
|
@@ -95,7 +95,7 @@ | |
| ] | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2022-2421", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-10-26T10:15:16.780", | ||
| "lastModified": "2023-11-07T03:46:34.367", | ||
| "lastModified": "2024-01-02T19:15:09.597", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object.\n\n" | ||
| "value": "Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -37,7 +37,7 @@ | |
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
|
|
@@ -70,7 +70,7 @@ | |
| ] | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2022-2422", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-10-26T10:15:16.993", | ||
| "lastModified": "2023-11-07T03:46:34.453", | ||
| "lastModified": "2024-01-02T19:15:09.690", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used.\n\n" | ||
| "value": "Due to improper input validation in the Feathers js library, it is possible to perform a SQL injection attack on the back-end database, in case the feathers-sequelize package is used." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -37,7 +37,7 @@ | |
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
|
|
@@ -70,7 +70,7 @@ | |
| ] | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2022-25153", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-06-09T17:15:08.903", | ||
| "lastModified": "2023-11-07T03:44:44.287", | ||
| "lastModified": "2024-01-02T19:15:09.293", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup.\n\n" | ||
| "value": "The ITarian Endpoint Manage Communication Client, prior to version 6.43.41148.21120, is compiled using insecure OpenSSL settings. Due to this setting, a malicious actor with low privileges access to a system can escalate his privileges to SYSTEM abusing an insecure openssl.conf lookup." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -37,7 +37,7 @@ | |
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
|
|
@@ -95,7 +95,7 @@ | |
| ] | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2022-29822", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-10-26T10:15:10.217", | ||
| "lastModified": "2023-11-07T03:46:05.720", | ||
| "lastModified": "2024-01-02T19:15:09.407", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection\n\n" | ||
| "value": "Due to improper parameter filtering in the Feathers js library, which may ultimately lead to SQL injection" | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -37,7 +37,7 @@ | |
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
|
|
@@ -70,7 +70,7 @@ | |
| ] | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -2,12 +2,12 @@ | |
| "id": "CVE-2022-29823", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2022-10-26T10:15:16.190", | ||
| "lastModified": "2023-11-07T03:46:05.793", | ||
| "lastModified": "2024-01-02T19:15:09.513", | ||
| "vulnStatus": "Modified", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application.\n\n" | ||
| "value": "Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution (RCE) with privileges of application." | ||
| }, | ||
| { | ||
| "lang": "es", | ||
|
|
@@ -37,7 +37,7 @@ | |
| "impactScore": 5.9 | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
|
|
@@ -70,7 +70,7 @@ | |
| ] | ||
| }, | ||
| { | ||
| "source": "b87402ff-ae37-4194-9dae-31abdbd6f217", | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,63 @@ | ||
| { | ||
| "id": "CVE-2022-3010", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-01-02T19:15:09.783", | ||
| "lastModified": "2024-01-02T19:36:26.333", | ||
| "vulnStatus": "Awaiting Analysis", | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "The Priva TopControl Suite contains\u00a0predictable credentials for the SSH service, based on the Serial number. Which makes it possible for an attacker to calculate the login credentials for the Priva TopControll suite." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "HIGH", | ||
| "integrityImpact": "NONE", | ||
| "availabilityImpact": "NONE", | ||
| "baseScore": 7.5, | ||
| "baseSeverity": "HIGH" | ||
| }, | ||
| "exploitabilityScore": 3.9, | ||
| "impactScore": 3.6 | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-1391" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://csirt.divd.nl/CVE-2022-3010", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://csirt.divd.nl/DIVD-2022-00035", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-356-01", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.