"-Synchronized-Data."

2025-05-06 10:41:46 +00:00 · 2023-06-08 17:00:39 +00:00 · 2023-06-08 17:00:39 +00:00 · 060169cd28
commit 060169cd28
parent afb2171def
7 changed files with 132 additions and 1 deletions
--- a/2005/1xxx/CVE-2005-1513.json
+++ b/2005/1xxx/CVE-2005-1513.json
@ -136,6 +136,11 @@
                "refsource": "FULLDISC",
                "name": "20230607 LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863",
                "url": "http://seclists.org/fulldisclosure/2023/Jun/2"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html"
            }
        ]
    }
--- a/2023/1xxx/CVE-2023-1133.json
+++ b/2023/1xxx/CVE-2023-1133.json
@ -58,6 +58,11 @@
                "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02",
                "refsource": "MISC",
                "name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-080-02"
+            },
+            {
+                "url": "http://packetstormsecurity.com/files/172799/Delta-Electronics-InfraSuite-Device-Master-Deserialization.html",
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/172799/Delta-Electronics-InfraSuite-Device-Master-Deserialization.html"
            }
        ]
    },
--- a/2023/22xxx/CVE-2023-22833.json
+++ b/2023/22xxx/CVE-2023-22833.json
@ -11,7 +11,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Palantir discovered a software bug in a recently released version of Foundry\u2019s Lime2 service, one of the services backing the Ontology. The software bug has been fixed and the fix has been deployed to your hosted Foundry environment. The vulnerability allowed authenticated users within a Foundry organization to potentially bypass discretionary or mandatory access controls under certain circumstances."
+                "value": "Palantir Foundry deployments running Lime2 versions between 2.519.0 and 2.532.0 were vulnerable a bug that allowed authenticated users within a Foundry organization to bypass discretionary or mandatory access controls under certain circumstances."
            }
        ]
    },
--- a/2023/33xxx/CVE-2023-33863.json
+++ b/2023/33xxx/CVE-2023-33863.json
@ -66,6 +66,11 @@
                "refsource": "FULLDISC",
                "name": "20230607 LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863",
                "url": "http://seclists.org/fulldisclosure/2023/Jun/2"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html"
            }
        ]
    }
--- a/2023/33xxx/CVE-2023-33864.json
+++ b/2023/33xxx/CVE-2023-33864.json
@ -66,6 +66,11 @@
                "refsource": "FULLDISC",
                "name": "20230607 LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863",
                "url": "http://seclists.org/fulldisclosure/2023/Jun/2"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html"
            }
        ]
    }
--- a/2023/33xxx/CVE-2023-33865.json
+++ b/2023/33xxx/CVE-2023-33865.json
@ -66,6 +66,11 @@
                "refsource": "FULLDISC",
                "name": "20230607 LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863",
                "url": "http://seclists.org/fulldisclosure/2023/Jun/2"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html",
+                "url": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html"
            }
        ]
    }
--- a/2023/3xxx/CVE-2023-3165.json
+++ b/2023/3xxx/CVE-2023-3165.json
@ -0,0 +1,106 @@
+{
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "CVE_data_meta": {
+        "ID": "CVE-2023-3165",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A vulnerability was found in SourceCodester Life Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file insertNominee.php of the component POST Parameter Handler. The manipulation of the argument nominee_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231109 was assigned to this vulnerability."
+            },
+            {
+                "lang": "deu",
+                "value": "In SourceCodester Life Insurance Management System 1.0 wurde eine problematische Schwachstelle ausgemacht. Hierbei betrifft es unbekannten Programmcode der Datei insertNominee.php der Komponente POST Parameter Handler. Durch Beeinflussen des Arguments nominee_id mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross Site Scripting",
+                        "cweId": "CWE-79"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "SourceCodester",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Life Insurance Management System",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "1.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.231109",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.231109"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.231109",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.231109"
+            },
+            {
+                "url": "https://github.com/Hanwengao/CVERequests/blob/main/XSS.md",
+                "refsource": "MISC",
+                "name": "https://github.com/Hanwengao/CVERequests/blob/main/XSS.md"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "wengao (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 4,
+                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+                "baseSeverity": "MEDIUM"
+            }
+        ]
+    }
+}