admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-08-29 22:00:33 +00:00
parent 2a085110c0
commit 12620ad82c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
14 changed files with 582 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/11xxx/CVE-2018-11314.json
View File

@ -61,6 +61,11 @@
"name": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325",
"refsource": "MISC",
"url": "https://medium.com/@brannondorsey/attacking-private-networks-from-the-internet-with-dns-rebinding-ea7098a2d325"
},
{
"refsource": "MISC",
"name": "https://support.roku.com/article/12554388937879",
"url": "https://support.roku.com/article/12554388937879"
}
]
}

5
2022/27xxx/CVE-2022-27152.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/llamasoft/RootMyRoku",
"refsource": "MISC",
"name": "https://github.com/llamasoft/RootMyRoku"
},
{
"refsource": "MISC",
"name": "https://support.roku.com/article/12554388937879",
"url": "https://support.roku.com/article/12554388937879"
}
]
}

61
2023/38xxx/CVE-2023-38971.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38971",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-38971",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross Site Scripting vulnerabiltiy in Badaso v.0.0.1 thru v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the rack number parameter in the add new rack function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS3.md",
"refsource": "MISC",
"name": "https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS3.md"
},
{
"refsource": "MISC",
"name": "https://panda002.hashnode.dev/badaso-version-297-has-xss-vulnerability-in-add-ranks",
"url": "https://panda002.hashnode.dev/badaso-version-297-has-xss-vulnerability-in-add-ranks"
}
]
}

61
2023/38xxx/CVE-2023-38975.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-38975",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "* Buffer Overflow vulnerability in qdrant v.1.3.2 allows a remote attacker cause a denial of service via the chucnked_vectors.rs component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/qdrant/qdrant/issues/2268",
"refsource": "MISC",
"name": "https://github.com/qdrant/qdrant/issues/2268"
},
{
"refsource": "MISC",
"name": "https://aisec.today/Qdrant-56dd05e12ca94d75a5e798b3fee80fa3",
"url": "https://aisec.today/Qdrant-56dd05e12ca94d75a5e798b3fee80fa3"
}
]
}

5
2023/38xxx/CVE-2023-38976.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/weaviate/weaviate/issues/3258",
"refsource": "MISC",
"name": "https://github.com/weaviate/weaviate/issues/3258"
},
{
"refsource": "MISC",
"name": "https://aisec.today/Weaviate-26981c6c5f794077bd51d24c88cebf7a",
"url": "https://aisec.today/Weaviate-26981c6c5f794077bd51d24c88cebf7a"
}
]
}

5
2023/39xxx/CVE-2023-39578.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/anh91/Zenario-xss/issues/1",
"refsource": "MISC",
"name": "https://github.com/anh91/Zenario-xss/issues/1"
},
{
"refsource": "MISC",
"name": "https://panda002.hashnode.dev/a-stored-cross-site-scripting-xss-vulnerability-in-the-create-the-function-of-zenario-cms-v94",
"url": "https://panda002.hashnode.dev/a-stored-cross-site-scripting-xss-vulnerability-in-the-create-the-function-of-zenario-cms-v94"
}
]
}

56
2023/41xxx/CVE-2023-41153.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41153",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-41153",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Stored Cross-Site Scripting (XSS) vulnerability in the SSH configuration tab in Usermin 2.001 allows remote attackers to inject arbitrary web script or HTML via options for the host value while editing the host options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://webmin.com/tags/webmin-changelog/",
"refsource": "MISC",
"name": "https://webmin.com/tags/webmin-changelog/"
}
]
}

18
2023/41xxx/CVE-2023-41382.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41382",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/41xxx/CVE-2023-41383.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41383",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/41xxx/CVE-2023-41384.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41384",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/41xxx/CVE-2023-41385.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41385",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/41xxx/CVE-2023-41386.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41386",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

128
2023/4xxx/CVE-2023-4296.json
View File

@ -1,17 +1,137 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4296",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "\n\u200bIf an attacker tricks an admin user of PTC Codebeamer into clicking on a malicious link, it may allow the attacker to inject arbitrary code to be executed in the browser on the target device.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PTC",
"product": {
"product_data": [
{
"product_name": "Codebeamer",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThanOrEqual": "v22.10-SP6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "v22.04-SP2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "v21.09-SP13",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.0"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-241-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-241-01"
},
{
"url": "https://codebeamer.com/cb/wiki/31346480",
"refsource": "MISC",
"name": "https://codebeamer.com/cb/wiki/31346480"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n<p>PTC recommends the following:</p><ul><li>\u200bVersion 22.10.X: <a target=\"_blank\" rel=\"nofollow\" href=\"https://intland.com/codebeamer-download/\">upgrade to 22.10-SP7</a>&nbsp;or newer version</li><li>\u200bVersion 22.04.X: <a target=\"_blank\" rel=\"nofollow\" href=\"https://intland.com/codebeamer-download/\">upgrade to 22.04-SP3</a>&nbsp;or newer version</li><li>\u200bVersion 21.09.X: <a target=\"_blank\" rel=\"nofollow\" href=\"https://intland.com/codebeamer-download/\">upgrade to 21.09-SP14</a>&nbsp;or newer version</li></ul><p>\u200bDocker Image download: <a target=\"_blank\" rel=\"nofollow\" href=\"https://hub.docker.com/r/intland/codebeamer/tags\">https://hub.docker.com/r/intland/codebeamer/tags</a></p><p>\u200bCodebeamer installers: <a target=\"_blank\" rel=\"nofollow\" href=\"https://intland.com/codebeamer-download/\">https://intland.com/codebeamer-download/</a></p><p>\u200bHosted customers may <a target=\"_blank\" rel=\"nofollow\" href=\"https://codebeamer.com/cb/tracker/1910563?showAll=false\">request an upgrade through the support channel</a>.</p><p>\u200bNote that version 2.0 is not impacted by this vulnerability.</p><p>\u200bFor more information refer to <a target=\"_blank\" rel=\"nofollow\" href=\"https://codebeamer.com/cb/wiki/31346480\">PTC Security Advisory and Resolution</a>.</p>\n\n<br>"
}
],
"value": "\nPTC recommends the following:\n\n * \u200bVersion 22.10.X: upgrade to 22.10-SP7 https://intland.com/codebeamer-download/ \u00a0or newer version\n * \u200bVersion 22.04.X: upgrade to 22.04-SP3 https://intland.com/codebeamer-download/ \u00a0or newer version\n * \u200bVersion 21.09.X: upgrade to 21.09-SP14 https://intland.com/codebeamer-download/ \u00a0or newer version\n\n\n\u200bDocker Image download: https://hub.docker.com/r/intland/codebeamer/tags https://hub.docker.com/r/intland/codebeamer/tags \n\n\u200bCodebeamer installers: https://intland.com/codebeamer-download/ https://intland.com/codebeamer-download/ \n\n\u200bHosted customers may request an upgrade through the support channel https://codebeamer.com/cb/tracker/1910563 .\n\n\u200bNote that version 2.0 is not impacted by this vulnerability.\n\n\u200bFor more information refer to PTC Security Advisory and Resolution https://codebeamer.com/cb/wiki/31346480 .\n\n\n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Niklas Schilling of SEC Consult Vulnerability Lab reported this vulnerability to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

192
2023/4xxx/CVE-2023-4611.json
View File

@ -1,17 +1,201 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4611",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a local attacker to crash the system or lead to a kernel information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.5-rc4",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4611",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-4611"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2227244"
},
{
"url": "https://www.spinics.net/lists/stable-commits/msg310136.html",
"refsource": "MISC",
"name": "https://www.spinics.net/lists/stable-commits/msg310136.html"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}