{"resultsPerPage":29,"startIndex":0,"totalResults":29,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-27T21:44:33.991","vulnerabilities":[{"cve":{"id":"CVE-2022-0900","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-05-23T14:16:26.247","lastModified":"2026-05-20T08:16:20.677","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NetDataSoft DivvyDrive allows Stored XSS.\n\nThis issue affects DivvyDrive: from unspecified before v.4.6.2.0."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-Site Scripting (XSS) Almacenado en el parámetro \"aciklama\" de DivvyDrive podría permitir a cualquiera conseguir información de la sesión de los usuarios"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netdatasoft:divvy_drive:*:*:*:*:*:*:*:*","versionEndExcluding":"4.6.2.0","matchCriteriaId":"AF51E595-1FC1-48B2-BCBD-7FE345D02285"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0375","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0375","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0375","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-1277","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-07-29T13:15:08.533","lastModified":"2026-05-20T08:16:20.827","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Inavitas Solar Log product has an unauthenticated SQL Injection vulnerability."},{"lang":"es","value":"El producto Inavitas Solar Log presenta una vulnerabilidad de inyección SQL no autenticada"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:inavitas:solar_log:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0","matchCriteriaId":"B2F72A56-860C-4B76-AD2D-D988EB0BF93D"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0514","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0514","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0514","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2177","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-09-20T11:15:09.350","lastModified":"2026-05-20T08:16:20.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Kayrasoft product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2."},{"lang":"es","value":"El producto Kayrasoft versiones anteriores a 2, presenta una vulnerabilidad de inyección SQL no autenticada. Esto ha sido corregido en versión 2"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kayrasoft:kayrasoft:-:*:*:*:*:*:*:*","matchCriteriaId":"3723EF99-D3F3-4B43-9E49-991988496707"},{"vulnerable":true,"criteria":"cpe:2.3:a:kayrasoft:kayrasoft:1:*:*:*:*:*:*:*","matchCriteriaId":"A81DFE6C-26D1-4EA8-9DE7-DFBE54692676"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0630","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0630","source":"iletisim@usom.gov.tr","tags":["Broken Link","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0630","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2315","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-09-21T08:15:08.807","lastModified":"2026-05-20T08:16:21.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Database Software Accreditation Tracking/Presentation Module product before version 2 has an unauthenticated SQL Injection vulnerability. This is fixed in version 2."},{"lang":"es","value":"El producto Database Software Accreditation Tracking/Presentation Module versiones anteriores a 2, presenta una vulnerabilidad de inyección SQL no autenticada. Esto ha sido corregido en versión 2"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:databank:accreditation_tracking\\/presentation_module:*:*:*:*:*:*:*:*","versionEndExcluding":"2","matchCriteriaId":"AFA0155A-7C7B-410D-A907-D765896571F5"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0634","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0634","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0634","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-0495","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-09-21T09:15:09.187","lastModified":"2026-05-20T08:16:20.437","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01."},{"lang":"es","value":"El producto del sistema de automatización de bibliotecas KOHA desarrollado por Parantez Teknoloji versiones anteriores a 19.05.03, presenta una vulnerabilidad de inyección SQL no autenticada. Esto ha sido corregido en versión 19.05.03.01"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:parantezteknoloji:koha_library_automation:*:*:*:*:*:*:*:*","versionEndExcluding":"19.05.03.01","matchCriteriaId":"E0536BE0-8CF1-47AB-B054-4F0F488AE5A4"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0635","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0635","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0635","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2265","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-09-21T14:15:11.133","lastModified":"2026-05-20T08:16:21.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Identity and Directory Management System developed by Çekino Bilgi Teknolojileri before version 2.1.25 has an unauthenticated Path traversal vulnerability. This has been fixed in the version 2.1.25"},{"lang":"es","value":"Identity and Directory Management System desarrollado por Ã‡ekino Bilgi Teknolojileri versiones anteriores a 2.1.25, presenta una vulnerabilidad de salto de Ruta no autenticado. Esto ha sido corregido en versión 2.1.25"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-35"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:identity_and_directory_management_system_project:identity_and_directory_management_system:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.25","matchCriteriaId":"21AD298A-64F3-4EA0-8A76-FC67F578443E"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0636","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0636","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0636","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2266","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-09-22T09:15:09.460","lastModified":"2026-05-20T08:16:21.413","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2"},{"lang":"es","value":"University Library Automation System desarrollado por Yordam Bilgi Teknolojileri versiones anteriores a 19.2, presenta una vulnerabilidad de tipo XSS reflejada no autenticada. Esto ha sido corregido en versión 19.2"}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yordam:library_automation_system:*:*:*:*:*:*:*:*","versionEndExcluding":"19.2","matchCriteriaId":"9F0FF895-915C-4964-8080-4E550939DB04"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0637","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0637","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0637","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24036","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-11-16T12:15:10.090","lastModified":"2026-05-20T09:16:25.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Karmasis Informatics Infraskope SIEM+ has an unauthenticated access vulnerability which could allow an unauthenticated attacker to modificate logs."},{"lang":"es","value":"Karmasis Informatics Infraskope SIEM+ tiene una vulnerabilidad de acceso no autenticado que podría permitir a un atacante no autenticado modificar los registros."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:karmasis:infraskope_siem\\+:*:*:*:*:*:*:*:*","versionEndExcluding":"7.10.00","matchCriteriaId":"A28ABE0E-98B4-49E1-BFDC-053C08FEFB7B"}]}]}],"references":[{"url":"https://karmasis.com/urunlerimiz/infraskope-siem/","source":"iletisim@usom.gov.tr","tags":["Product"]},{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0691","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0691","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://karmasis.com/urunlerimiz/infraskope-siem/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0691","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24037","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-11-18T08:15:09.237","lastModified":"2026-05-20T09:16:25.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Karmasis Informatics Infraskope SIEM+\n\n has an unauthenticated access vulnerability which could allow an unauthenticated attacker to obtain critical information."},{"lang":"es","value":"Karmasis Informatics Infraskope SIEM+ tiene una vulnerabilidad de acceso no autenticado que podría permitir a un atacante no autenticado obtener información crítica."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:karmasis:infraskope_siem\\+:*:*:*:*:*:*:*:*","versionEndExcluding":"7.10.00","matchCriteriaId":"A28ABE0E-98B4-49E1-BFDC-053C08FEFB7B"}]}]}],"references":[{"url":"https://karmasis.com/urunlerimiz/infraskope-siem/","source":"iletisim@usom.gov.tr","tags":["Product"]},{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0691","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0691","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://karmasis.com/urunlerimiz/infraskope-siem/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0691","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24038","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-11-18T09:15:09.990","lastModified":"2026-05-20T09:16:25.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Karmasis Informatics Infraskope SIEM+\n\nhas an unauthenticated access vulnerability which could allow an unauthenticated attacker to damage the page where the agents are listed."},{"lang":"es","value":"Karmasis Informatics Infraskope SIEM+ tiene una vulnerabilidad de acceso no autenticado que podría permitir que un atacante no autenticado dañe la página donde se enumeran los agentes."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:karmasis:infraskope_siem\\+:*:*:*:*:*:*:*:*","versionEndExcluding":"7.10.00","matchCriteriaId":"A28ABE0E-98B4-49E1-BFDC-053C08FEFB7B"}]}]}],"references":[{"url":"https://karmasis.com/urunlerimiz/infraskope-siem/","source":"iletisim@usom.gov.tr","tags":["Product"]},{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0691","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0691","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://karmasis.com/urunlerimiz/infraskope-siem/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0691","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2807","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-12-02T12:15:09.797","lastModified":"2026-05-20T08:16:21.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in Algan Software Prens Student Information System allows SQL Injection.\n\nThis issue affects Prens Student Information System: before 2.1.11."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en Algan Software Prens Student Information System permite la inyección SQL. Este problema afecta a Prens Student Information System: anterior a 2.1.11."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:algan:prens_student_information_system:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.11","matchCriteriaId":"120C62AE-D526-4B46-91BB-3A6B25F5BC0E"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0708","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0708","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0708","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2808","sourceIdentifier":"iletisim@usom.gov.tr","published":"2022-12-02T12:15:09.977","lastModified":"2026-05-20T08:16:21.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization Bypass Through User-Controlled Key vulnerability in Algan Software Prens Student Information System allows Object Relational Mapping Injection.\n\nThis issue affects Prens Student Information System: before 2.1.11."},{"lang":"es","value":"Vulnerabilidad de omisión de autorización a través de clave controlada por el usuario en Algan Software Prens Student Information System permite la inyección de mapeo relacional de objetos. Este problema afecta a Prens Student Information System: antes del 2.1.11."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:algan:prens_student_information_system:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.11","matchCriteriaId":"120C62AE-D526-4B46-91BB-3A6B25F5BC0E"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0708","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0708","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0708","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-3792","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-01-10T14:15:10.507","lastModified":"2026-05-20T08:16:22.393","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in GullsEye GullsEye terminal operating system allows SQL Injection.\n\nThis issue affects GullsEye terminal operating system: from unspecified before 5.0.13."},{"lang":"es","value":"Neutralización incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyección SQL\") en el sistema operativo del terminal GullsEye GullsEye permite la inyección SQL. Este problema afecta al sistema operativo del terminal GullsEye: desde no especificado antes de 5.0.13."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gullseye:gullseye_terminal_operating_system:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0.13","matchCriteriaId":"A3E8370B-0F8A-49E3-AE81-9A165E0E8356"}]}]}],"references":[{"url":"https://fordefence.com/cve-2022-3792-gullseye-terminal-operation-system/","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://omrylmz.com/cve-2022-3792-terminal-operation-system/","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0747-2","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0747-2","source":"iletisim@usom.gov.tr","tags":["Exploit","Third Party Advisory"]},{"url":"https://fordefence.com/cve-2022-3792-gullseye-terminal-operation-system/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://omrylmz.com/cve-2022-3792-terminal-operation-system/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0747-2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-4422","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-01-10T14:15:10.643","lastModified":"2026-05-20T08:16:22.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Call Center System developed by Bulutses Information Technologies before version 3.0 has an unauthenticated Sql Injection vulnerability. This has been fixed in the version 3.0"},{"lang":"es","value":"Call Center System, desarrollado por Bulutses Information Technologies, en sus versiones anteriores a la 3.0 tiene una vulnerabilidad de inyección Sql no autenticada. Esto se ha solucionado en la versión 3.0."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bulutses:bulutdesk_callcenter:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0","matchCriteriaId":"F488A1AE-F8A1-4F35-BB07-9B750AA15579"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-22-0747","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0747","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-22-0747","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-3693","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-01-13T08:15:07.787","lastModified":"2026-05-20T08:16:22.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Path Traversal vulnerability in Deytek Informatics FileOrbis File Management System allows Path Traversal.\n\nThis issue affects FileOrbis File Management System: from unspecified before 10.6.3."},{"lang":"es","value":"Vulnerabilidad de Path Traversal en FileOrbis File Management System de Deytek Informatics. Este problema afecta a FileOrbis File Management System: desde no especificado antes de 10.6.3."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-35"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fileorbis:fileorbis:*:*:*:*:*:*:*:*","versionEndExcluding":"10.6.3","matchCriteriaId":"6B90B373-613D-475E-84F3-F1F44194B0DC"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0021","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0021","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-4554","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-01-24T09:15:09.640","lastModified":"2026-05-20T08:16:22.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"B2B Customer Ordering System developed by ID Software Project and Consultancy Services before version 1.0.0.347 has an authenticated Reflected XSS vulnerability. This has been fixed in the version 1.0.0.347."},{"lang":"es","value":"B2B Customer Ordering System, desarrollado por ID Software Project and Consultancy Services tiene una vulnerabilidad XSS reflejada autenticada en sus versiones anteriores a la 1.0.0.347. Esto se ha solucionado en la versión 1.0.0.347."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:idyazilim:b2b_dealer_order_system:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.347","matchCriteriaId":"DC5F24E3-28B4-45C6-AB10-BEFDA050850C"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0022","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0022","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0022","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2504","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-02-23T12:15:09.867","lastModified":"2026-05-20T08:16:21.693","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SDD Computer Software SDD-Baro allows SQL Injection.\n\nThis issue affects SDD-Baro: before 2.8.432."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sdd-baro_project:sdd-baro:*:*:*:*:*:*:*:*","versionEndExcluding":"2.8.432","matchCriteriaId":"21321641-72A2-40E2-8878-538D80034C44"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0107","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0107","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0107","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-2178","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-03-06T12:15:08.803","lastModified":"2026-05-20T08:16:21.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saysis Computer Starcities allows Cross-Site Scripting (XSS).\n\nThis issue affects Starcities: before 1.1."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:saysis:starcities:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1","matchCriteriaId":"7D1D641C-1A3D-4DC4-8BC4-B2160C56CE1A"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0128","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0128","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0128","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2022-3760","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-03-07T09:15:08.623","lastModified":"2026-05-20T08:16:22.257","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mia Technology Mia-Med.\n\nThis issue affects Mia-Med: before 1.0.0.58."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:miateknoloji:mia-med:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.0.58","matchCriteriaId":"90E13FD2-2624-4E84-8D35-74BE0AC737FC"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0130","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0130","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0130","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23790","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-03-14T09:15:12.663","lastModified":"2026-05-20T09:16:24.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS).\n\nThis issue affects Customer Relation Manager: before 2022.03.13."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:firmanet:technology_customer_relation_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"2022.03.13","matchCriteriaId":"51E1AD44-2ADE-4C4E-9391-EF7E2F6ED4C3"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0145","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0145","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0145","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2022-23791","sourceIdentifier":"iletisim@usom.gov.tr","published":"2023-03-14T09:15:12.773","lastModified":"2026-05-20T09:16:25.130","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Firmanet Software and Technology Customer Relation Manager allows Cross-Site Scripting (XSS).\n\nThis issue affects Customer Relation Manager: before 2022.03.13."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:firmanet:customer_relation_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"2022.03.13","matchCriteriaId":"30590A3C-A7E1-490A-AF31-3A8AE820BA12"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0145","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0145","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.usom.gov.tr/bildirim/tr-23-0145","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2023-7153","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-01-18T15:15:09.430","lastModified":"2026-05-20T09:16:26.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Macroturk Software and Internet Technologies Macro-Bel allows Reflected XSS.\n\nThis issue affects Macro-Bel: before V.1.0.1."},{"lang":"es","value":"Neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web ('cross-site Scripting') en Macroturk Software and Internet Technologies Macro-Bel permite XSS reflejado. Este problema afecta a Macro-Bel: versiones anteriores a V.1.0.1."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:macroturk:macro-bel:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.1","matchCriteriaId":"ED0C3E3D-B624-4B99-B2E9-684571C82847"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0041","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0041","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0041","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-6919","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-01-26T08:15:42.203","lastModified":"2026-05-20T09:16:26.227","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Path Traversal: '/../filedir' vulnerability in Biges Safe Life Technologies Electronics Inc. VGuard allows Absolute Path Traversal.\n\nThis issue affects VGuard: before V500.0003.R008.4011.C0012.B351.C."},{"lang":"es","value":"Vulnerabilidad de Path Traversal: '/../filedir' en Biges Safe Life Technologies Electronics Inc. VGuard permite Absolute Path Traversal. Este problema afecta a VGuard: antes de V500.0003.R008.4011.C0012.B351.C."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-25"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-4c1a-lru_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"D9EB930A-8960-4F13-9FA1-AF3A8ED5F284"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-4c1a-lru:-:*:*:*:*:*:*:*","matchCriteriaId":"027FBB09-AB4B-4961-AF21-FE8F05B59FB4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-4c1a-lrpu_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"17756524-D6A2-44A5-A939-FBFFA0CA19E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-4c1a-lrpu:-:*:*:*:*:*:*:*","matchCriteriaId":"703496E4-753F-4DD3-9134-DE952B284049"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-255a-bf_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"49477B1C-4B2D-4291-B173-7A0835A27198"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-255a-bf:-:*:*:*:*:*:*:*","matchCriteriaId":"F099A1C9-4EA9-49A0-8479-CE03A10D92C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-255-bv_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"4D440B47-C2F2-405E-B46E-D47BB76D264A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-255-bv:-:*:*:*:*:*:*:*","matchCriteriaId":"026C9CBB-76DD-42C4-8112-6D90D601897E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-255-df_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"AA6C4B94-167C-4FCF-8152-D9BF26A8F41C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-255-df:-:*:*:*:*:*:*:*","matchCriteriaId":"71111E6B-B8CA-486E-8E19-1ACE9CC57C1B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-64c8rd-nvr_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"5B6F0020-D212-43C9-96D5-5BD36C5C89D1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-64c8rd-nvr:-:*:*:*:*:*:*:*","matchCriteriaId":"888954F6-1182-42C4-BB02-E195FE73C7CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-4c1e-nvr_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"D0FA9FA9-78CA-4B7A-B9B9-15A3AFD08B4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-4c1e-nvr:-:*:*:*:*:*:*:*","matchCriteriaId":"F755B81D-C702-46CE-9AB5-697686E4E7CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-8c1e-nvr_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"24D79F3F-52BF-4107-9B0F-F4DCD6B35E07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-8c1e-nvr:-:*:*:*:*:*:*:*","matchCriteriaId":"5BEF4458-2DCF-4064-BAD7-F80573DDC22F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:biges:vg-8c1a-lrpu_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"500.0003.r008.4011.c0012.b351.c","matchCriteriaId":"0BF11C5A-1130-42C9-BAB8-5F481CE6E061"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:biges:vg-8c1a-lrpu:-:*:*:*:*:*:*:*","matchCriteriaId":"8F9637FC-968F-463A-9FB4-864D1FDB056E"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0054","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0054","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0054","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-6676","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-02-02T13:15:09.497","lastModified":"2026-05-20T09:16:25.763","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Request Forgery (CSRF) vulnerability in National Keep Cyber Security Services CyberMath allows Cross Site Request Forgery.\n\nThis issue affects CyberMath: from v1.4 before v1.5."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Request Forgery (CSRF) en CyberMath de National Keep Cyber Security Services permite Cross Site Request Forgery. Este problema afecta a CyberMath: desde v1.4 antes de v1.5."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nationalkeep:cybermath:1.4:*:*:*:*:*:*:*","matchCriteriaId":"D54B8707-6EDE-4581-AEA4-79577E916FEA"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0080","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0080","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0080","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-6724","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-02-09T13:15:41.570","lastModified":"2026-05-20T09:16:26.077","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization Bypass Through User-Controlled Key vulnerability in Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System allows Authentication Abuse.\n\nThis issue affects Hearing Tracking System: before for IOS 7.0, for Android Latest release 1.0."},{"lang":"es","value":"Vulnerabilidad de omisión de autorización a través de clave controlada por el usuario en Software Engineering Consultancy Machine Equipment Limited Company Hearing Tracking System permite el abuso de autenticación. Este problema afecta a Hearing Tracking System: antes para IOS 7.0, para Android, la última versión 1.0."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simgesel:hearing_tracking_system:*:*:*:*:*:android:*:*","versionEndIncluding":"1.0","matchCriteriaId":"8C9083FF-ED5C-4F86-A726-7685B7695815"},{"vulnerable":true,"criteria":"cpe:2.3:a:simgesel:hearing_tracking_system:*:*:*:*:*:iphone_os:*:*","versionEndExcluding":"7.0","matchCriteriaId":"2D7DDA3E-53DA-4DD5-924A-405923480DBB"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0099","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0099","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0099","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-6677","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-02-09T14:15:08.310","lastModified":"2026-05-20T09:16:25.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oduyo Financial Technology Online Collection allows SQL Injection.\n\nThis issue affects Online Collection: before v.1.0.2."},{"lang":"es","value":"La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en Oduyo Financial Technology Online Collection permite la inyección SQL. Este problema afecta a Online Collection: antes de v.1.0.2."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oduyo:online_collection:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.2","matchCriteriaId":"8CA0E0D4-A08D-4409-BDD8-F988FAFCF91B"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0100","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0100","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0100","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-7081","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-02-15T16:15:46.373","lastModified":"2026-05-20T09:16:26.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSTAHSİL Online Payment System allows SQL Injection.\n\nThis issue affects Online Payment System: before 14.02.2024."},{"lang":"es","value":"La neutralización inadecuada de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyección SQL') en POSTAHS?L Online Payment System permite la inyección de SQL. Este problema afecta a Online Payment System: antes del 14.02.2024."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:postahsil:online_payment_system:*:*:*:*:*:*:*:*","versionEndExcluding":"14.02.2024","matchCriteriaId":"F9522CA1-A828-4705-8761-7422B10F05C1"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0103","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0103","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0103","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-7103","sourceIdentifier":"iletisim@usom.gov.tr","published":"2024-03-05T13:15:06.940","lastModified":"2026-05-20T09:16:26.567","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows Authentication Bypass.\n\nThis issue affects UFace 5: through 12022024."},{"lang":"es","value":"Vulnerabilidad de omisión de autenticación por debilidad primaria en ZKSoftware Biometric Security Solutions UFace 5 permite la omisión de autenticación. Este problema afecta a UFace 5: hasta 12022024."}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-305"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zksoftware:uface_5:*:*:*:*:*:*:*:*","versionEndIncluding":"12022024","matchCriteriaId":"32C55889-BEB0-4E0C-A289-C05F4DFBD45D"}]}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-0173","source":"iletisim@usom.gov.tr"},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0173","source":"iletisim@usom.gov.tr","tags":["Third Party Advisory"]},{"url":"https://www.usom.gov.tr/bildirim/tr-24-0173","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-7668","sourceIdentifier":"cna@vuldb.com","published":"2026-05-02T21:16:07.677","lastModified":"2026-05-20T08:16:23.190","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulation of the argument transactionID/messageType leads to out-of-bounds read. The attack may be initiated remotely. The exploit is publicly available and might be used. You should upgrade the affected component. The vendor recommends to \"use the latest v6.x or 7.x MikroTik RouterOS version, the reported issue should be fixed there.\""}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://github.com/ezio315/cve/issues/4","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/798623","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/360804","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/360804/cti","source":"cna@vuldb.com"}]}}]}