admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-26 23:00:32 +00:00
parent e2d09b6124
commit 0460dfe869
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 266 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
2023/21xxx/CVE-2023-21261.json
View File

@ -5,75 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-21261",
"ASSIGNER": "security@android.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In ft_open_face_internal of ftobjs.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information disclosure"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "13"
},
{
"version_affected": "=",
"version_value": "12L"
},
{
"version_affected": "=",
"version_value": "12"
},
{
"version_affected": "=",
"version_value": "11"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://android.googlesource.com/platform/external/freetype/+/d45f0e49ab54065eb72d92aa3cc5f2152b0910b7",
"refsource": "MISC",
"name": "https://android.googlesource.com/platform/external/freetype/+/d45f0e49ab54065eb72d92aa3cc5f2152b0910b7"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2023-07-01"
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}

77
2023/28xxx/CVE-2023-28013.json
View File

@ -1,17 +1,86 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28013",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@hcl.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HCL Software ",
"product": {
"product_data": [
{
"product_name": "HCL BigFix Mobile",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106371",
"refsource": "MISC",
"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106371"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
}
]
}

79
2023/28xxx/CVE-2023-28205.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28205",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.5 and iPadOS 15.7.5, macOS Ventura 13.3.1, Safari 16.4.1, iOS 16.4.1 and iPadOS 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,7 +40,13 @@
"version_data": [
{
"version_affected": "<",
"version_name": "15.7",
"version_value": "15.7"
},
{
"version_affected": "<",
"version_name": "16.4",
"version_value": "16.4"
}
]
}
@ -31,6 +57,7 @@
"version_data": [
{
"version_affected": "<",
"version_name": "16.4",
"version_value": "16.4"
}
]
@ -42,21 +69,11 @@
"version_data": [
{
"version_affected": "<",
"version_name": "13.3",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "16.4"
}
]
}
}
]
}
@ -64,57 +81,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213723",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213723"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213722",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213722"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213721",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213721"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213720",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213720"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230512 [SECURITY] [DLA 3419-1] webkit2gtk security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html"
},
{
"refsource": "GENTOO",
"name": "GLSA-202305-32",
"url": "https://security.gentoo.org/glsa/202305-32"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3.1, iOS 16.4.1 and iPadOS 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, Safari 16.4.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
]
}

64
2023/32xxx/CVE-2023-32388.json
View File

@ -42,6 +42,45 @@
"version_affected": "<",
"version_name": "13.4",
"version_value": "13.4"
},
{
"version_affected": "<",
"version_name": "12.6",
"version_value": "12.6"
},
{
"version_affected": "<",
"version_name": "11.7",
"version_value": "11.7"
}
]
}
},
{
"product_name": "watchOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.5",
"version_value": "9.5"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.7",
"version_value": "15.7"
},
{
"version_affected": "<",
"version_name": "16.5",
"version_value": "16.5"
}
]
}
@ -58,6 +97,31 @@
"url": "https://support.apple.com/en-us/HT213758",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213758"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213759"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213764"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213765"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213760"
},
{
"url": "https://support.apple.com/en-us/HT213757",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213757"
}
]
}

85
2023/32xxx/CVE-2023-32435.json
View File

@ -1,12 +1,32 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-32435",
"ASSIGNER": "product-security@apple.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, Safari 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -20,39 +40,36 @@
"version_data": [
{
"version_affected": "<",
"version_name": "13.3",
"version_value": "13.3"
}
]
}
},
{
"product_name": "macOS",
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "15.7",
"version_value": "15.7"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
},
{
"version_affected": "<",
"version_name": "16.4",
"version_value": "16.4"
}
]
}
},
{
"product_name": "macOS",
"product_name": "Safari",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "16.4",
"version_value": "16.4"
}
]
@ -64,57 +81,27 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213670",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213670"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213676",
"name": "https://support.apple.com/en-us/HT213676"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213671",
"name": "https://support.apple.com/en-us/HT213671"
},
{
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT213811",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213811"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20230629 WebKitGTK and WPE WebKit Security Advisory WSA-2023-0005",
"url": "http://www.openwall.com/lists/oss-security/2023/06/29/1"
"url": "https://support.apple.com/en-us/HT213671",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213671"
},
{
"refsource": "FULLDISC",
"name": "20230707 APPLE-SA-2023-06-21-3 iOS 15.7.7 and iPadOS 15.7.7",
"url": "http://seclists.org/fulldisclosure/2023/Jul/5"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
"url": "https://support.apple.com/en-us/HT213676",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213676"
}
]
}

8
2023/3xxx/CVE-2023-3451.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3451",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** Duplicate CVE. Please use CVE-2023-32297."
}
]
}

18
2023/3xxx/CVE-2023-3963.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3963",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/3xxx/CVE-2023-3964.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3964",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/3xxx/CVE-2023-3965.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3965",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}