admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-08-08 10:00:34 +00:00
parent fb07b90a1b
commit 236068de10
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
66 changed files with 14046 additions and 462 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
2020/15xxx/CVE-2020-15795.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-15795",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-15795",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,11 +35,56 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V5.2"
}
]
@ -29,48 +95,61 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions including affected DNS modules"
}
]
}
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write"
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name label parsing functionality does not properly validate the names in DNS-responses. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.1,
"baseSeverity": "HIGH"
}
]
}

127
2020/27xxx/CVE-2020-27009.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-27009",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-27009",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-823: Use of Out-of-range Pointer Offset",
"cweId": "CWE-823"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,11 +35,56 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V5.2"
}
]
@ -29,48 +95,61 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions including affected DNS modules"
}
]
}
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"lang": "eng",
"value": "CWE-823: Use of Out-of-range Pointer Offset"
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition."
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-185699.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-04"
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.1,
"baseSeverity": "HIGH"
}
]
}

133
2020/27xxx/CVE-2020-27736.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-27736",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-27736",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination",
"cweId": "CWE-170"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,11 +35,56 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
@ -29,6 +95,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2017.02.3"
}
]
@ -39,6 +106,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1.0"
}
]
@ -49,6 +117,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions including affected DNS modules"
}
]
@ -59,48 +128,66 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V0.5.0.0"
}
]
}
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"lang": "eng",
"value": "CWE-170: Improper Null Termination"
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory."
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}

133
2020/27xxx/CVE-2020-27737.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-27737",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-27737",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,11 +35,56 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
@ -29,6 +95,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2017.02.3"
}
]
@ -39,6 +106,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1.0"
}
]
@ -49,6 +117,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions including affected DNS modules"
}
]
@ -59,48 +128,66 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V0.5.0.0"
}
]
}
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure."
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}

133
2020/27xxx/CVE-2020-27738.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-27738",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-27738",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer",
"cweId": "CWE-788"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,11 +35,56 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
@ -29,6 +95,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2017.02.3"
}
]
@ -39,6 +106,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1.0"
}
]
@ -49,6 +117,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions including affected DNS modules"
}
]
@ -59,48 +128,66 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V0.5.0.0"
}
]
}
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"lang": "eng",
"value": "CWE-788: Access of Memory Location After End of Buffer"
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a read access past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition."
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}

124
2020/28xxx/CVE-2020-28388.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2020-28388",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2020-28388",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-342: Predictable Exact Value from Previous Values",
"cweId": "CWE-342"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -15,20 +36,44 @@
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Series (BACnet)",
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Series (P2 Ethernet)",
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
@ -39,6 +84,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V5.2"
}
]
@ -49,6 +95,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2012.12"
}
]
@ -59,6 +106,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
@ -69,16 +117,29 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "TALON TC Series (BACnet)",
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
@ -90,42 +151,37 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-342: Predictable Exact Value from Previous Values"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions < V3.5.5), APOGEE PXC Series (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions < V5.2), Nucleus ReadyStart V3 (All versions < V2012.12), Nucleus Source Code (All versions), PLUSCONTROL 1st Gen (All versions), TALON TC Series (BACnet) (All versions < V3.5.5). Initial Sequence Numbers (ISNs) for TCP connections are derived from an insufficiently random source. As a result, the ISN of current and future TCP connections could be predictable. An attacker could hijack existing sessions or spoof future ones."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-362164.pdf"
},
{
"refsource": "CONFIRM",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-344238.pdf"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf"
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436469.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L/E:P/RL:O/RC:C",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}

145
2021/25xxx/CVE-2021-25677.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2021-25677",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2021-25677",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V3 (All versions < V2017.02.4), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-330: Use of Insufficiently Random Values",
"cweId": "CWE-330"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -14,11 +35,56 @@
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "Nucleus NET",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
@ -29,7 +95,12 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2017.02.3"
},
{
"version_affected": "=",
"version_value": "All versions < V2017.02.4"
}
]
}
@ -39,6 +110,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V4.1.0"
}
]
@ -49,6 +121,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Versions including affected DNS modules"
}
]
@ -59,58 +132,70 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V0.5.0.0"
}
]
}
},
{
"product_name": "SIMOTICS CONNECT 400",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V0.5.0.0 < V1.0.0.0"
}
]
}
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"lang": "eng",
"value": "CWE-330: Use of Insufficiently Random Values"
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), SIMOTICS CONNECT 400 (All versions >= V0.5.0.0 < V1.0.0.0). The DNS client does not properly randomize DNS transaction IDs. That could allow an attacker to poison the DNS cache or spoof DNS resolving."
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-705111.pdf"
},
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-669158.pdf"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

64
2021/41xxx/CVE-2021-41544.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-41544",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Siemens Software Center (All versions < V3.0). A DLL Hijacking vulnerability could allow a local attacker to execute code with elevated privileges by placing a malicious DLL in one of the directories on the DLL search path."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-427: Uncontrolled Search Path Element",
"cweId": "CWE-427"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Siemens Software Center",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-188491.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-188491.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

2
2022/30xxx/CVE-2022-30694.json
View File

@ -833,7 +833,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
"version_value": "All versions < V6.22"
}
]
}

64
2022/39xxx/CVE-2022-39062.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39062",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732: Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SICAM TOOLBOX II",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V07.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-975961.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-975961.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

883
2022/40xxx/CVE-2022-40510.json
View File

@ -1,17 +1,892 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40510",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "APQ8009"
},
{
"version_affected": "=",
"version_value": "APQ8009W"
},
{
"version_affected": "=",
"version_value": "APQ8017"
},
{
"version_affected": "=",
"version_value": "APQ8037"
},
{
"version_affected": "=",
"version_value": "APQ8064AU"
},
{
"version_affected": "=",
"version_value": "APQ8076"
},
{
"version_affected": "=",
"version_value": "APQ8096AU"
},
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "AR8031"
},
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "CSRB31024"
},
{
"version_affected": "=",
"version_value": "MDM8207"
},
{
"version_affected": "=",
"version_value": "MDM9150"
},
{
"version_affected": "=",
"version_value": "MDM9206"
},
{
"version_affected": "=",
"version_value": "MDM9207"
},
{
"version_affected": "=",
"version_value": "MDM9250"
},
{
"version_affected": "=",
"version_value": "MDM9607"
},
{
"version_affected": "=",
"version_value": "MDM9628"
},
{
"version_affected": "=",
"version_value": "MDM9640"
},
{
"version_affected": "=",
"version_value": "MDM9650"
},
{
"version_affected": "=",
"version_value": "MSM8108"
},
{
"version_affected": "=",
"version_value": "MSM8208"
},
{
"version_affected": "=",
"version_value": "MSM8209"
},
{
"version_affected": "=",
"version_value": "MSM8608"
},
{
"version_affected": "=",
"version_value": "MSM8909W"
},
{
"version_affected": "=",
"version_value": "MSM8917"
},
{
"version_affected": "=",
"version_value": "MSM8920"
},
{
"version_affected": "=",
"version_value": "MSM8937"
},
{
"version_affected": "=",
"version_value": "MSM8940"
},
{
"version_affected": "=",
"version_value": "MSM8996AU"
},
{
"version_affected": "=",
"version_value": "PM8937"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA4020"
},
{
"version_affected": "=",
"version_value": "QCA6174A"
},
{
"version_affected": "=",
"version_value": "QCA6310"
},
{
"version_affected": "=",
"version_value": "QCA6320"
},
{
"version_affected": "=",
"version_value": "QCA6335"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6584AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCA9367"
},
{
"version_affected": "=",
"version_value": "QCA9377"
},
{
"version_affected": "=",
"version_value": "QCA9379"
},
{
"version_affected": "=",
"version_value": "QCA9984"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCM2290"
},
{
"version_affected": "=",
"version_value": "QCM4290"
},
{
"version_affected": "=",
"version_value": "QCM6125"
},
{
"version_affected": "=",
"version_value": "QCM6490"
},
{
"version_affected": "=",
"version_value": "QCN6024"
},
{
"version_affected": "=",
"version_value": "QCN9011"
},
{
"version_affected": "=",
"version_value": "QCN9012"
},
{
"version_affected": "=",
"version_value": "QCN9024"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS2290"
},
{
"version_affected": "=",
"version_value": "QCS405"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS4290"
},
{
"version_affected": "=",
"version_value": "QCS603"
},
{
"version_affected": "=",
"version_value": "QCS605"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "QCS6125"
},
{
"version_affected": "=",
"version_value": "QCS6490"
},
{
"version_affected": "=",
"version_value": "QCX315"
},
{
"version_affected": "=",
"version_value": "QRB5165"
},
{
"version_affected": "=",
"version_value": "QRB5165M"
},
{
"version_affected": "=",
"version_value": "QRB5165N"
},
{
"version_affected": "=",
"version_value": "QSM8250"
},
{
"version_affected": "=",
"version_value": "Qualcomm215"
},
{
"version_affected": "=",
"version_value": "SA415M"
},
{
"version_affected": "=",
"version_value": "SA515M"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SC8180X+SDX55"
},
{
"version_affected": "=",
"version_value": "SD 455"
},
{
"version_affected": "=",
"version_value": "SD 636"
},
{
"version_affected": "=",
"version_value": "SD 675"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD 8CX"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen2"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen3"
},
{
"version_affected": "=",
"version_value": "SD205"
},
{
"version_affected": "=",
"version_value": "SD210"
},
{
"version_affected": "=",
"version_value": "SD429"
},
{
"version_affected": "=",
"version_value": "SD439"
},
{
"version_affected": "=",
"version_value": "SD450"
},
{
"version_affected": "=",
"version_value": "SD460"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD625"
},
{
"version_affected": "=",
"version_value": "SD626"
},
{
"version_affected": "=",
"version_value": "SD632"
},
{
"version_affected": "=",
"version_value": "SD660"
},
{
"version_affected": "=",
"version_value": "SD662"
},
{
"version_affected": "=",
"version_value": "SD665"
},
{
"version_affected": "=",
"version_value": "SD670"
},
{
"version_affected": "=",
"version_value": "SD675"
},
{
"version_affected": "=",
"version_value": "SD678"
},
{
"version_affected": "=",
"version_value": "SD680"
},
{
"version_affected": "=",
"version_value": "SD690 5G"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD710"
},
{
"version_affected": "=",
"version_value": "SD712"
},
{
"version_affected": "=",
"version_value": "SD720G"
},
{
"version_affected": "=",
"version_value": "SD730"
},
{
"version_affected": "=",
"version_value": "SD750G"
},
{
"version_affected": "=",
"version_value": "SD765"
},
{
"version_affected": "=",
"version_value": "SD765G"
},
{
"version_affected": "=",
"version_value": "SD768G"
},
{
"version_affected": "=",
"version_value": "SD778G"
},
{
"version_affected": "=",
"version_value": "SD780G"
},
{
"version_affected": "=",
"version_value": "SD7c"
},
{
"version_affected": "=",
"version_value": "SD820"
},
{
"version_affected": "=",
"version_value": "SD835"
},
{
"version_affected": "=",
"version_value": "SD845"
},
{
"version_affected": "=",
"version_value": "SD850"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888 5G"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDM429W"
},
{
"version_affected": "=",
"version_value": "SDM630"
},
{
"version_affected": "=",
"version_value": "SDW2500"
},
{
"version_affected": "=",
"version_value": "SDX12"
},
{
"version_affected": "=",
"version_value": "SDX20"
},
{
"version_affected": "=",
"version_value": "SDX24"
},
{
"version_affected": "=",
"version_value": "SDX50M"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDX65"
},
{
"version_affected": "=",
"version_value": "SDXR1"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SM4125"
},
{
"version_affected": "=",
"version_value": "SM4375"
},
{
"version_affected": "=",
"version_value": "SM6250"
},
{
"version_affected": "=",
"version_value": "SM6250P"
},
{
"version_affected": "=",
"version_value": "SM7250P"
},
{
"version_affected": "=",
"version_value": "SM7325P"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR2150P"
},
{
"version_affected": "=",
"version_value": "WCD9306"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9330"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9340"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9360"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9371"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3615"
},
{
"version_affected": "=",
"version_value": "WCN3620"
},
{
"version_affected": "=",
"version_value": "WCN3660"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3910"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3991"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN3999"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WCN6750"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WCN7850"
},
{
"version_affected": "=",
"version_value": "WCN7851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

107
2022/45xxx/CVE-2022-45937.json
View File

@ -1,12 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "productcert@siemens.com",
"ID": "CVE-2022-45937",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2022-45937",
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). A low privilege authenticated attacker with network access to the integrated web server could download sensitive information from the device containing user account credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -15,30 +36,66 @@
"product": {
"product_data": [
{
"product_name": "APOGEE PXC Series (BACnet)",
"product_name": "APOGEE PXC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Series (P2 Ethernet)",
"product_name": "APOGEE PXC Compact (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "TALON TC Series (BACnet)",
"product_name": "APOGEE PXC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "APOGEE PXC Modular (P2 Ethernet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2.8.20"
}
]
}
},
{
"product_name": "TALON TC Compact (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
}
},
{
"product_name": "TALON TC Modular (BACnet)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V3.5.5"
}
]
@ -50,33 +107,23 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions < V3.5.5), APOGEE PXC Series (P2 Ethernet) (All versions < V2.8.20), TALON TC Series (BACnet) (All versions < V3.5.5). A low privilege authenticated attacker with network access to the integrated web server could download sensitive information from the device containing user account credentials."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-180579.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}
}

251
2023/21xxx/CVE-2023-21625.json
View File

@ -1,17 +1,260 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information disclosure in Network Services due to buffer over-read while the device receives DNS response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "APQ8009"
},
{
"version_affected": "=",
"version_value": "APQ8017"
},
{
"version_affected": "=",
"version_value": "APQ8037"
},
{
"version_affected": "=",
"version_value": "AR8031"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "MDM9205"
},
{
"version_affected": "=",
"version_value": "MDM9250"
},
{
"version_affected": "=",
"version_value": "MDM9650"
},
{
"version_affected": "=",
"version_value": "MSM8108"
},
{
"version_affected": "=",
"version_value": "MSM8208"
},
{
"version_affected": "=",
"version_value": "MSM8209"
},
{
"version_affected": "=",
"version_value": "MSM8608"
},
{
"version_affected": "=",
"version_value": "MSM8917"
},
{
"version_affected": "=",
"version_value": "MSM8937"
},
{
"version_affected": "=",
"version_value": "QCA4004"
},
{
"version_affected": "=",
"version_value": "QCA4010"
},
{
"version_affected": "=",
"version_value": "QCA4020"
},
{
"version_affected": "=",
"version_value": "QCA4024"
},
{
"version_affected": "=",
"version_value": "QCA6174A"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA9377"
},
{
"version_affected": "=",
"version_value": "QCS405"
},
{
"version_affected": "=",
"version_value": "QTS110"
},
{
"version_affected": "=",
"version_value": "SD205"
},
{
"version_affected": "=",
"version_value": "SD210"
},
{
"version_affected": "=",
"version_value": "SD429"
},
{
"version_affected": "=",
"version_value": "SD439"
},
{
"version_affected": "=",
"version_value": "SD835"
},
{
"version_affected": "=",
"version_value": "WCD9306"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9340"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3615"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN3999"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
}
]
}

807
2023/21xxx/CVE-2023-21626.json
View File

@ -1,17 +1,816 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "APQ8009"
},
{
"version_affected": "=",
"version_value": "APQ8017"
},
{
"version_affected": "=",
"version_value": "APQ8037"
},
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "CSRB31024"
},
{
"version_affected": "=",
"version_value": "FSM10056"
},
{
"version_affected": "=",
"version_value": "MDM8207"
},
{
"version_affected": "=",
"version_value": "MDM9205"
},
{
"version_affected": "=",
"version_value": "MDM9206"
},
{
"version_affected": "=",
"version_value": "MDM9207"
},
{
"version_affected": "=",
"version_value": "MDM9607"
},
{
"version_affected": "=",
"version_value": "MDM9628"
},
{
"version_affected": "=",
"version_value": "MSM8108"
},
{
"version_affected": "=",
"version_value": "MSM8208"
},
{
"version_affected": "=",
"version_value": "MSM8209"
},
{
"version_affected": "=",
"version_value": "MSM8608"
},
{
"version_affected": "=",
"version_value": "MSM8917"
},
{
"version_affected": "=",
"version_value": "MSM8920"
},
{
"version_affected": "=",
"version_value": "MSM8937"
},
{
"version_affected": "=",
"version_value": "MSM8940"
},
{
"version_affected": "=",
"version_value": "PM8937"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA4004"
},
{
"version_affected": "=",
"version_value": "QCA4020"
},
{
"version_affected": "=",
"version_value": "QCA6174A"
},
{
"version_affected": "=",
"version_value": "QCA6310"
},
{
"version_affected": "=",
"version_value": "QCA6320"
},
{
"version_affected": "=",
"version_value": "QCA6335"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6564"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCA9367"
},
{
"version_affected": "=",
"version_value": "QCA9377"
},
{
"version_affected": "=",
"version_value": "QCA9379"
},
{
"version_affected": "=",
"version_value": "QCM2290"
},
{
"version_affected": "=",
"version_value": "QCM4290"
},
{
"version_affected": "=",
"version_value": "QCM6125"
},
{
"version_affected": "=",
"version_value": "QCM6490"
},
{
"version_affected": "=",
"version_value": "QCN7606"
},
{
"version_affected": "=",
"version_value": "QCS2290"
},
{
"version_affected": "=",
"version_value": "QCS405"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS4290"
},
{
"version_affected": "=",
"version_value": "QCS603"
},
{
"version_affected": "=",
"version_value": "QCS605"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "QCS6125"
},
{
"version_affected": "=",
"version_value": "QCS6490"
},
{
"version_affected": "=",
"version_value": "QCS8155"
},
{
"version_affected": "=",
"version_value": "QCX315"
},
{
"version_affected": "=",
"version_value": "QSM8350"
},
{
"version_affected": "=",
"version_value": "Qualcomm215"
},
{
"version_affected": "=",
"version_value": "SA4150P"
},
{
"version_affected": "=",
"version_value": "SA4155P"
},
{
"version_affected": "=",
"version_value": "SA415M"
},
{
"version_affected": "=",
"version_value": "SA515M"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SA8540P"
},
{
"version_affected": "=",
"version_value": "SA9000P"
},
{
"version_affected": "=",
"version_value": "SC8180X+SDX55"
},
{
"version_affected": "=",
"version_value": "SD 455"
},
{
"version_affected": "=",
"version_value": "SD 636"
},
{
"version_affected": "=",
"version_value": "SD 675"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen2"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen3"
},
{
"version_affected": "=",
"version_value": "SD205"
},
{
"version_affected": "=",
"version_value": "SD210"
},
{
"version_affected": "=",
"version_value": "SD429"
},
{
"version_affected": "=",
"version_value": "SD439"
},
{
"version_affected": "=",
"version_value": "SD450"
},
{
"version_affected": "=",
"version_value": "SD460"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD625"
},
{
"version_affected": "=",
"version_value": "SD626"
},
{
"version_affected": "=",
"version_value": "SD632"
},
{
"version_affected": "=",
"version_value": "SD660"
},
{
"version_affected": "=",
"version_value": "SD662"
},
{
"version_affected": "=",
"version_value": "SD665"
},
{
"version_affected": "=",
"version_value": "SD670"
},
{
"version_affected": "=",
"version_value": "SD675"
},
{
"version_affected": "=",
"version_value": "SD678"
},
{
"version_affected": "=",
"version_value": "SD680"
},
{
"version_affected": "=",
"version_value": "SD690 5G"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD710"
},
{
"version_affected": "=",
"version_value": "SD720G"
},
{
"version_affected": "=",
"version_value": "SD730"
},
{
"version_affected": "=",
"version_value": "SD750G"
},
{
"version_affected": "=",
"version_value": "SD765"
},
{
"version_affected": "=",
"version_value": "SD765G"
},
{
"version_affected": "=",
"version_value": "SD768G"
},
{
"version_affected": "=",
"version_value": "SD778G"
},
{
"version_affected": "=",
"version_value": "SD780G"
},
{
"version_affected": "=",
"version_value": "SD7c"
},
{
"version_affected": "=",
"version_value": "SD835"
},
{
"version_affected": "=",
"version_value": "SD845"
},
{
"version_affected": "=",
"version_value": "SD850"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888"
},
{
"version_affected": "=",
"version_value": "SD888 5G"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDM429W"
},
{
"version_affected": "=",
"version_value": "SDM630"
},
{
"version_affected": "=",
"version_value": "SDX24"
},
{
"version_affected": "=",
"version_value": "SDX50M"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDX65"
},
{
"version_affected": "=",
"version_value": "SDXR1"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SM4125"
},
{
"version_affected": "=",
"version_value": "SM4375"
},
{
"version_affected": "=",
"version_value": "SM6250"
},
{
"version_affected": "=",
"version_value": "SM6250P"
},
{
"version_affected": "=",
"version_value": "SM7250P"
},
{
"version_affected": "=",
"version_value": "SM7315"
},
{
"version_affected": "=",
"version_value": "SM7325P"
},
{
"version_affected": "=",
"version_value": "SXR2150P"
},
{
"version_affected": "=",
"version_value": "WCD9306"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9330"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9340"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9360"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9371"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3615"
},
{
"version_affected": "=",
"version_value": "WCN3620"
},
{
"version_affected": "=",
"version_value": "WCN3660"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3910"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3991"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WCN6750"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}

259
2023/21xxx/CVE-2023-21627.json
View File

@ -1,17 +1,268 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21627",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption in Trusted Execution Environment while calling service API with invalid address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCS8155"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888 5G"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WCN7850"
},
{
"version_affected": "=",
"version_value": "WCN7851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

163
2023/21xxx/CVE-2023-21643.json
View File

@ -1,17 +1,172 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption due to untrusted pointer dereference in automotive during system call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "APQ8064AU"
},
{
"version_affected": "=",
"version_value": "APQ8096AU"
},
{
"version_affected": "=",
"version_value": "MSM8996AU"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6584AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SA8540P"
},
{
"version_affected": "=",
"version_value": "SA9000P"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
}
]
}

239
2023/21xxx/CVE-2023-21647.json
View File

@ -1,17 +1,248 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21647",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information disclosure in Bluetooth when an GATT packet is received due to improper input validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WCN7850"
},
{
"version_affected": "=",
"version_value": "WCN7851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

203
2023/21xxx/CVE-2023-21648.json
View File

@ -1,17 +1,212 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21648",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption in RIL while trying to send apdu packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "SA515M"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9360"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

327
2023/21xxx/CVE-2023-21649.json
View File

@ -1,17 +1,336 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21649",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption in WLAN while running doDriverCmd for an unspecific command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "APQ8096AU"
},
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "MDM9628"
},
{
"version_affected": "=",
"version_value": "MDM9650"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6554A"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6584AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SM4375"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3991"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

271
2023/21xxx/CVE-2023-21650.json
View File

@ -1,17 +1,280 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21650",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "CSRB31024"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6564"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "SA415M"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

627
2023/21xxx/CVE-2023-21651.json
View File

@ -1,17 +1,636 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21651",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "AR8031"
},
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "MDM9205"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA4004"
},
{
"version_affected": "=",
"version_value": "QCA6174A"
},
{
"version_affected": "=",
"version_value": "QCA6310"
},
{
"version_affected": "=",
"version_value": "QCA6335"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCA9377"
},
{
"version_affected": "=",
"version_value": "QCA9984"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCM2290"
},
{
"version_affected": "=",
"version_value": "QCM4290"
},
{
"version_affected": "=",
"version_value": "QCM6490"
},
{
"version_affected": "=",
"version_value": "QCN6024"
},
{
"version_affected": "=",
"version_value": "QCN7606"
},
{
"version_affected": "=",
"version_value": "QCN9011"
},
{
"version_affected": "=",
"version_value": "QCN9012"
},
{
"version_affected": "=",
"version_value": "QCN9024"
},
{
"version_affected": "=",
"version_value": "QCS2290"
},
{
"version_affected": "=",
"version_value": "QCS405"
},
{
"version_affected": "=",
"version_value": "QCS4290"
},
{
"version_affected": "=",
"version_value": "QCS603"
},
{
"version_affected": "=",
"version_value": "QCS605"
},
{
"version_affected": "=",
"version_value": "QCS6490"
},
{
"version_affected": "=",
"version_value": "QCX315"
},
{
"version_affected": "=",
"version_value": "QRB5165"
},
{
"version_affected": "=",
"version_value": "QRB5165M"
},
{
"version_affected": "=",
"version_value": "QRB5165N"
},
{
"version_affected": "=",
"version_value": "QSM8250"
},
{
"version_affected": "=",
"version_value": "QSM8350"
},
{
"version_affected": "=",
"version_value": "SA515M"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SA8540P"
},
{
"version_affected": "=",
"version_value": "SA9000P"
},
{
"version_affected": "=",
"version_value": "SD 675"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD 8CX"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen2"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen3"
},
{
"version_affected": "=",
"version_value": "SD460"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD662"
},
{
"version_affected": "=",
"version_value": "SD665"
},
{
"version_affected": "=",
"version_value": "SD670"
},
{
"version_affected": "=",
"version_value": "SD675"
},
{
"version_affected": "=",
"version_value": "SD678"
},
{
"version_affected": "=",
"version_value": "SD680"
},
{
"version_affected": "=",
"version_value": "SD690 5G"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD750G"
},
{
"version_affected": "=",
"version_value": "SD765"
},
{
"version_affected": "=",
"version_value": "SD765G"
},
{
"version_affected": "=",
"version_value": "SD768G"
},
{
"version_affected": "=",
"version_value": "SD778G"
},
{
"version_affected": "=",
"version_value": "SD780G"
},
{
"version_affected": "=",
"version_value": "SD845"
},
{
"version_affected": "=",
"version_value": "SD850"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888"
},
{
"version_affected": "=",
"version_value": "SD888 5G"
},
{
"version_affected": "=",
"version_value": "SDX24"
},
{
"version_affected": "=",
"version_value": "SDX50M"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDX57M"
},
{
"version_affected": "=",
"version_value": "SDX65"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SG4150P"
},
{
"version_affected": "=",
"version_value": "SM4125"
},
{
"version_affected": "=",
"version_value": "SM4375"
},
{
"version_affected": "=",
"version_value": "SM7250P"
},
{
"version_affected": "=",
"version_value": "SM7315"
},
{
"version_affected": "=",
"version_value": "SM7325P"
},
{
"version_affected": "=",
"version_value": "SSG2115P"
},
{
"version_affected": "=",
"version_value": "SSG2125P"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR1230P"
},
{
"version_affected": "=",
"version_value": "SXR2150P"
},
{
"version_affected": "=",
"version_value": "WCD9306"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9340"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9360"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3910"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3991"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN3999"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WCN6750"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WCN7850"
},
{
"version_affected": "=",
"version_value": "WCN7851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8832"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

547
2023/21xxx/CVE-2023-21652.json
View File

@ -1,17 +1,556 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-21652",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cryptographic issue in HLOS as derived keys used to encrypt/decrypt information is present on stack after use."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCC5100"
},
{
"version_affected": "=",
"version_value": "QCM2290"
},
{
"version_affected": "=",
"version_value": "QCM4290"
},
{
"version_affected": "=",
"version_value": "QCM6125"
},
{
"version_affected": "=",
"version_value": "QCM6490"
},
{
"version_affected": "=",
"version_value": "QCN6024"
},
{
"version_affected": "=",
"version_value": "QCN7606"
},
{
"version_affected": "=",
"version_value": "QCN9024"
},
{
"version_affected": "=",
"version_value": "QCS2290"
},
{
"version_affected": "=",
"version_value": "QCS405"
},
{
"version_affected": "=",
"version_value": "QCS4290"
},
{
"version_affected": "=",
"version_value": "QCS6125"
},
{
"version_affected": "=",
"version_value": "QCS6490"
},
{
"version_affected": "=",
"version_value": "QSM8350"
},
{
"version_affected": "=",
"version_value": "SA4150P"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SA8540P"
},
{
"version_affected": "=",
"version_value": "SA9000P"
},
{
"version_affected": "=",
"version_value": "SD 675"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD 8cx Gen3"
},
{
"version_affected": "=",
"version_value": "SD460"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD662"
},
{
"version_affected": "=",
"version_value": "SD665"
},
{
"version_affected": "=",
"version_value": "SD670"
},
{
"version_affected": "=",
"version_value": "SD675"
},
{
"version_affected": "=",
"version_value": "SD678"
},
{
"version_affected": "=",
"version_value": "SD680"
},
{
"version_affected": "=",
"version_value": "SD690 5G"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD710"
},
{
"version_affected": "=",
"version_value": "SD720G"
},
{
"version_affected": "=",
"version_value": "SD730"
},
{
"version_affected": "=",
"version_value": "SD750G"
},
{
"version_affected": "=",
"version_value": "SD765"
},
{
"version_affected": "=",
"version_value": "SD765G"
},
{
"version_affected": "=",
"version_value": "SD768G"
},
{
"version_affected": "=",
"version_value": "SD778G"
},
{
"version_affected": "=",
"version_value": "SD780G"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888"
},
{
"version_affected": "=",
"version_value": "SD888 5G"
},
{
"version_affected": "=",
"version_value": "SDX50M"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDX65"
},
{
"version_affected": "=",
"version_value": "SDXR1"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SG4150P"
},
{
"version_affected": "=",
"version_value": "SM4125"
},
{
"version_affected": "=",
"version_value": "SM4375"
},
{
"version_affected": "=",
"version_value": "SM6250"
},
{
"version_affected": "=",
"version_value": "SM7250P"
},
{
"version_affected": "=",
"version_value": "SM7315"
},
{
"version_affected": "=",
"version_value": "SM7325P"
},
{
"version_affected": "=",
"version_value": "SSG2115P"
},
{
"version_affected": "=",
"version_value": "SSG2125P"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR1230P"
},
{
"version_affected": "=",
"version_value": "SXR2150P"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3910"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3991"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WCN6750"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WCN7850"
},
{
"version_affected": "=",
"version_value": "WCN7851"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8832"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
]
}

755
2023/22xxx/CVE-2023-22666.json
View File

@ -1,17 +1,764 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22666",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory Corruption in Audio while playing amrwbplus clips with modified content."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "APQ8009"
},
{
"version_affected": "=",
"version_value": "APQ8017"
},
{
"version_affected": "=",
"version_value": "APQ8096AU"
},
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "AR8031"
},
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "CSRB31024"
},
{
"version_affected": "=",
"version_value": "MDM9628"
},
{
"version_affected": "=",
"version_value": "MSM8108"
},
{
"version_affected": "=",
"version_value": "MSM8208"
},
{
"version_affected": "=",
"version_value": "MSM8209"
},
{
"version_affected": "=",
"version_value": "MSM8608"
},
{
"version_affected": "=",
"version_value": "MSM8917"
},
{
"version_affected": "=",
"version_value": "MSM8996AU"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA4020"
},
{
"version_affected": "=",
"version_value": "QCA6174A"
},
{
"version_affected": "=",
"version_value": "QCA6310"
},
{
"version_affected": "=",
"version_value": "QCA6320"
},
{
"version_affected": "=",
"version_value": "QCA6335"
},
{
"version_affected": "=",
"version_value": "QCA6390"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6564"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6584AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA6698AQ"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCA9377"
},
{
"version_affected": "=",
"version_value": "QCA9379"
},
{
"version_affected": "=",
"version_value": "QCM2290"
},
{
"version_affected": "=",
"version_value": "QCM4290"
},
{
"version_affected": "=",
"version_value": "QCM6125"
},
{
"version_affected": "=",
"version_value": "QCM6490"
},
{
"version_affected": "=",
"version_value": "QCN9011"
},
{
"version_affected": "=",
"version_value": "QCN9012"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS2290"
},
{
"version_affected": "=",
"version_value": "QCS405"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS4290"
},
{
"version_affected": "=",
"version_value": "QCS605"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "QCS6125"
},
{
"version_affected": "=",
"version_value": "QCS6490"
},
{
"version_affected": "=",
"version_value": "QCX315"
},
{
"version_affected": "=",
"version_value": "QRB5165"
},
{
"version_affected": "=",
"version_value": "QRB5165M"
},
{
"version_affected": "=",
"version_value": "QRB5165N"
},
{
"version_affected": "=",
"version_value": "QSM8250"
},
{
"version_affected": "=",
"version_value": "Qualcomm215"
},
{
"version_affected": "=",
"version_value": "SA4150P"
},
{
"version_affected": "=",
"version_value": "SA4155P"
},
{
"version_affected": "=",
"version_value": "SA415M"
},
{
"version_affected": "=",
"version_value": "SA515M"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SD 636"
},
{
"version_affected": "=",
"version_value": "SD 675"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD205"
},
{
"version_affected": "=",
"version_value": "SD210"
},
{
"version_affected": "=",
"version_value": "SD429"
},
{
"version_affected": "=",
"version_value": "SD439"
},
{
"version_affected": "=",
"version_value": "SD450"
},
{
"version_affected": "=",
"version_value": "SD460"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD625"
},
{
"version_affected": "=",
"version_value": "SD626"
},
{
"version_affected": "=",
"version_value": "SD632"
},
{
"version_affected": "=",
"version_value": "SD660"
},
{
"version_affected": "=",
"version_value": "SD662"
},
{
"version_affected": "=",
"version_value": "SD665"
},
{
"version_affected": "=",
"version_value": "SD670"
},
{
"version_affected": "=",
"version_value": "SD675"
},
{
"version_affected": "=",
"version_value": "SD678"
},
{
"version_affected": "=",
"version_value": "SD680"
},
{
"version_affected": "=",
"version_value": "SD690 5G"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD710"
},
{
"version_affected": "=",
"version_value": "SD720G"
},
{
"version_affected": "=",
"version_value": "SD730"
},
{
"version_affected": "=",
"version_value": "SD750G"
},
{
"version_affected": "=",
"version_value": "SD765"
},
{
"version_affected": "=",
"version_value": "SD765G"
},
{
"version_affected": "=",
"version_value": "SD768G"
},
{
"version_affected": "=",
"version_value": "SD778G"
},
{
"version_affected": "=",
"version_value": "SD780G"
},
{
"version_affected": "=",
"version_value": "SD835"
},
{
"version_affected": "=",
"version_value": "SD845"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888"
},
{
"version_affected": "=",
"version_value": "SD888 5G"
},
{
"version_affected": "=",
"version_value": "SDA429W"
},
{
"version_affected": "=",
"version_value": "SDM429W"
},
{
"version_affected": "=",
"version_value": "SDM630"
},
{
"version_affected": "=",
"version_value": "SDX12"
},
{
"version_affected": "=",
"version_value": "SDX24"
},
{
"version_affected": "=",
"version_value": "SDX50M"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SDX55M"
},
{
"version_affected": "=",
"version_value": "SDX65"
},
{
"version_affected": "=",
"version_value": "SDXR1"
},
{
"version_affected": "=",
"version_value": "SDXR2 5G"
},
{
"version_affected": "=",
"version_value": "SM4125"
},
{
"version_affected": "=",
"version_value": "SM6250"
},
{
"version_affected": "=",
"version_value": "SM6250P"
},
{
"version_affected": "=",
"version_value": "SM7250P"
},
{
"version_affected": "=",
"version_value": "SM7315"
},
{
"version_affected": "=",
"version_value": "SM7325P"
},
{
"version_affected": "=",
"version_value": "Snapdragon 4 Gen 1"
},
{
"version_affected": "=",
"version_value": "SXR2150P"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9340"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9360"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9371"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3615"
},
{
"version_affected": "=",
"version_value": "WCN3620"
},
{
"version_affected": "=",
"version_value": "WCN3660"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3910"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3991"
},
{
"version_affected": "=",
"version_value": "WCN3998"
},
{
"version_affected": "=",
"version_value": "WCN3999"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WCN6750"
},
{
"version_affected": "=",
"version_value": "WCN6850"
},
{
"version_affected": "=",
"version_value": "WCN6851"
},
{
"version_affected": "=",
"version_value": "WCN6855"
},
{
"version_affected": "=",
"version_value": "WCN6856"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

1653
2023/24xxx/CVE-2023-24845.json
View File

File diff suppressed because it is too large Load Diff

28
2023/25xxx/CVE-2023-25957.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0). The affected versions of the module insufficiently verifies the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.\r\n\r\nFor compatibility reasons, fix versions still contain this issue, but only when the recommended, default configuration option `'Use Encryption'` is disabled."
"value": "A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6). The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.\r\n\r\nFor compatibility reasons, fix versions still contain this issue, but only when the recommended, default configuration option `'Use Encryption'` is disabled."
}
]
},
@ -58,7 +58,7 @@
}
},
{
"product_name": "Mendix SAML (Mendix 9 compatible, New Track)",
"product_name": "Mendix SAML (Mendix 9 latest compatible, New Track)",
"version": {
"version_data": [
{
@ -69,7 +69,7 @@
}
},
{
"product_name": "Mendix SAML (Mendix 9 compatible, Upgrade Track)",
"product_name": "Mendix SAML (Mendix 9 latest compatible, Upgrade Track)",
"version": {
"version_data": [
{
@ -78,6 +78,28 @@
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9.6 compatible, New Track)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V3.1.9 < V3.2.7"
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9.6 compatible, Upgrade Track)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V3.1.8 < V3.2.6"
}
]
}
}
]
}

64
2023/27xxx/CVE-2023-27411.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27411",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM CROSSBOW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V5.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

775
2023/28xxx/CVE-2023-28537.json
View File

@ -1,17 +1,784 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28537",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption while allocating memory in COmxApeDec module in Audio."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "315 5G IoT Modem"
},
{
"version_affected": "=",
"version_value": "APQ8017"
},
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "AR8031"
},
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "CSRA6620"
},
{
"version_affected": "=",
"version_value": "CSRA6640"
},
{
"version_affected": "=",
"version_value": "CSRB31024"
},
{
"version_affected": "=",
"version_value": "FastConnect 6200"
},
{
"version_affected": "=",
"version_value": "FastConnect 6700"
},
{
"version_affected": "=",
"version_value": "FastConnect 6800"
},
{
"version_affected": "=",
"version_value": "FastConnect 6900"
},
{
"version_affected": "=",
"version_value": "Flight RB5 5G Platform"
},
{
"version_affected": "=",
"version_value": "Home Hub 100 Platform"
},
{
"version_affected": "=",
"version_value": "MDM9628"
},
{
"version_affected": "=",
"version_value": "MSM8108"
},
{
"version_affected": "=",
"version_value": "MSM8208"
},
{
"version_affected": "=",
"version_value": "MSM8209"
},
{
"version_affected": "=",
"version_value": "MSM8608"
},
{
"version_affected": "=",
"version_value": "MSM8917"
},
{
"version_affected": "=",
"version_value": "MSM8996AU"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA6174A"
},
{
"version_affected": "=",
"version_value": "QCA6310"
},
{
"version_affected": "=",
"version_value": "QCA6320"
},
{
"version_affected": "=",
"version_value": "QCA6335"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6421"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6431"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6564"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6584AU"
},
{
"version_affected": "=",
"version_value": "QCA6595"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA6698AQ"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCA9377"
},
{
"version_affected": "=",
"version_value": "QCA9379"
},
{
"version_affected": "=",
"version_value": "QCM2290"
},
{
"version_affected": "=",
"version_value": "QCM4290"
},
{
"version_affected": "=",
"version_value": "QCM6125"
},
{
"version_affected": "=",
"version_value": "QCM6490"
},
{
"version_affected": "=",
"version_value": "QCN9011"
},
{
"version_affected": "=",
"version_value": "QCN9012"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS2290"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS4290"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "QCS6125"
},
{
"version_affected": "=",
"version_value": "QCS6490"
},
{
"version_affected": "=",
"version_value": "QRB5165M"
},
{
"version_affected": "=",
"version_value": "QRB5165N"
},
{
"version_affected": "=",
"version_value": "QSM8250"
},
{
"version_affected": "=",
"version_value": "Qualcomm Robotics RB3 Platform"
},
{
"version_affected": "=",
"version_value": "Qualcomm Robotics RB5 Platform"
},
{
"version_affected": "=",
"version_value": "Qualcomm215"
},
{
"version_affected": "=",
"version_value": "SA4150P"
},
{
"version_affected": "=",
"version_value": "SA4155P"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SD 636"
},
{
"version_affected": "=",
"version_value": "SD 675"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD205"
},
{
"version_affected": "=",
"version_value": "SD210"
},
{
"version_affected": "=",
"version_value": "SD429"
},
{
"version_affected": "=",
"version_value": "SD439"
},
{
"version_affected": "=",
"version_value": "SD450"
},
{
"version_affected": "=",
"version_value": "SD460"
},
{
"version_affected": "=",
"version_value": "SD480"
},
{
"version_affected": "=",
"version_value": "SD625"
},
{
"version_affected": "=",
"version_value": "SD626"
},
{
"version_affected": "=",
"version_value": "SD632"
},
{
"version_affected": "=",
"version_value": "SD660"
},
{
"version_affected": "=",
"version_value": "SD662"
},
{
"version_affected": "=",
"version_value": "SD665"
},
{
"version_affected": "=",
"version_value": "SD670"
},
{
"version_affected": "=",
"version_value": "SD675"
},
{
"version_affected": "=",
"version_value": "SD678"
},
{
"version_affected": "=",
"version_value": "SD680"
},
{
"version_affected": "=",
"version_value": "SD690 5G"
},
{
"version_affected": "=",
"version_value": "SD695"
},
{
"version_affected": "=",
"version_value": "SD710"
},
{
"version_affected": "=",
"version_value": "SD720G"
},
{
"version_affected": "=",
"version_value": "SD730"
},
{
"version_affected": "=",
"version_value": "SD750G"
},
{
"version_affected": "=",
"version_value": "SD765"
},
{
"version_affected": "=",
"version_value": "SD765G"
},
{
"version_affected": "=",
"version_value": "SD768G"
},
{
"version_affected": "=",
"version_value": "SD778G"
},
{
"version_affected": "=",
"version_value": "SD780G"
},
{
"version_affected": "=",
"version_value": "SD835"
},
{
"version_affected": "=",
"version_value": "SD845"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SD870"
},
{
"version_affected": "=",
"version_value": "SD888"
},
{
"version_affected": "=",
"version_value": "SDM429W"
},
{
"version_affected": "=",
"version_value": "SDM630"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SM4125"
},
{
"version_affected": "=",
"version_value": "SM6250"
},
{
"version_affected": "=",
"version_value": "SM6250P"
},
{
"version_affected": "=",
"version_value": "SM7250P"
},
{
"version_affected": "=",
"version_value": "SM7315"
},
{
"version_affected": "=",
"version_value": "SM7325P"
},
{
"version_affected": "=",
"version_value": "Smart Audio 100 Platform"
},
{
"version_affected": "=",
"version_value": "Smart Audio 200 Platform"
},
{
"version_affected": "=",
"version_value": "Smart Display 200 Platform (APQ5053-AA)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 820 Automotive Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 835 Mobile PC Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 888 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon Auto 5G Modem-RF"
},
{
"version_affected": "=",
"version_value": "Snapdragon Wear 4100+ Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon X12 LTE Modem"
},
{
"version_affected": "=",
"version_value": "Snapdragon X24 LTE Modem"
},
{
"version_affected": "=",
"version_value": "Snapdragon X50 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon X55 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon X65 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR1 Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR2 5G Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR2+ Gen 1 Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon Auto 4G Modem"
},
{
"version_affected": "=",
"version_value": "Snapdragon 4 Gen 1"
},
{
"version_affected": "=",
"version_value": "SXR1120"
},
{
"version_affected": "=",
"version_value": "SXR2130"
},
{
"version_affected": "=",
"version_value": "Vision Intelligence 100 Platform (APQ8053-AA)"
},
{
"version_affected": "=",
"version_value": "Vision Intelligence 200 Platform (APQ8053-AC)"
},
{
"version_affected": "=",
"version_value": "Vision Intelligence 400 Platform"
},
{
"version_affected": "=",
"version_value": "WCD9326"
},
{
"version_affected": "=",
"version_value": "WCD9335"
},
{
"version_affected": "=",
"version_value": "WCD9340"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9360"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9371"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3615"
},
{
"version_affected": "=",
"version_value": "WCN3620"
},
{
"version_affected": "=",
"version_value": "WCN3660"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3910"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN3990"
},
{
"version_affected": "=",
"version_value": "WCN3999"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

347
2023/28xxx/CVE-2023-28555.json
View File

@ -1,17 +1,356 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28555",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Transient DOS in Audio while remapping channel buffer in media codec decoding."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AR8035"
},
{
"version_affected": "=",
"version_value": "FastConnect 6200"
},
{
"version_affected": "=",
"version_value": "FastConnect 6700"
},
{
"version_affected": "=",
"version_value": "FastConnect 6900"
},
{
"version_affected": "=",
"version_value": "FastConnect 7800"
},
{
"version_affected": "=",
"version_value": "MDM9628"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA6564A"
},
{
"version_affected": "=",
"version_value": "QCA6564AU"
},
{
"version_affected": "=",
"version_value": "QCA6574"
},
{
"version_affected": "=",
"version_value": "QCA6574A"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6595AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8081"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCM4325"
},
{
"version_affected": "=",
"version_value": "QCM4490"
},
{
"version_affected": "=",
"version_value": "QCN6024"
},
{
"version_affected": "=",
"version_value": "QCN9024"
},
{
"version_affected": "=",
"version_value": "QCS4490"
},
{
"version_affected": "=",
"version_value": "SA4150P"
},
{
"version_affected": "=",
"version_value": "SA4155P"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SD 8 Gen1 5G"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "SG4150P"
},
{
"version_affected": "=",
"version_value": "SM4450"
},
{
"version_affected": "=",
"version_value": "Snapdragon 4 Gen 1 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 480 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 680 4G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 695 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 8+ Gen 1 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 888 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon AR2 Gen 1 Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon Auto 5G Modem-RF"
},
{
"version_affected": "=",
"version_value": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon X65 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR2 5G Platform"
},
{
"version_affected": "=",
"version_value": "SSG2115P"
},
{
"version_affected": "=",
"version_value": "SSG2125P"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR1230P"
},
{
"version_affected": "=",
"version_value": "SXR2230P"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9375"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCD9385"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WCN6740"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8832"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

71
2023/28xxx/CVE-2023-28561.json
View File

@ -1,17 +1,80 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28561",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Memory corruption in QESL while processing payload from external ESL device to firmware."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "QCN7606"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

307
2023/28xxx/CVE-2023-28575.json
View File

@ -1,17 +1,316 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28575",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AQT1000"
},
{
"version_affected": "=",
"version_value": "C-V2X 9150"
},
{
"version_affected": "=",
"version_value": "FastConnect 6200"
},
{
"version_affected": "=",
"version_value": "FastConnect 6800"
},
{
"version_affected": "=",
"version_value": "FastConnect 6900"
},
{
"version_affected": "=",
"version_value": "FastConnect 7800"
},
{
"version_affected": "=",
"version_value": "QAM8295P"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6420"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6430"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCA6574AU"
},
{
"version_affected": "=",
"version_value": "QCA6696"
},
{
"version_affected": "=",
"version_value": "QCA8337"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "QCS8155"
},
{
"version_affected": "=",
"version_value": "Qualcomm 205 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Qualcomm 215 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "SA6145P"
},
{
"version_affected": "=",
"version_value": "SA6150P"
},
{
"version_affected": "=",
"version_value": "SA6155P"
},
{
"version_affected": "=",
"version_value": "SA8145P"
},
{
"version_affected": "=",
"version_value": "SA8150P"
},
{
"version_affected": "=",
"version_value": "SA8155P"
},
{
"version_affected": "=",
"version_value": "SA8195P"
},
{
"version_affected": "=",
"version_value": "SA8295P"
},
{
"version_affected": "=",
"version_value": "SD855"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "SDX55"
},
{
"version_affected": "=",
"version_value": "Snapdragon 210 Processor"
},
{
"version_affected": "=",
"version_value": "Snapdragon 212 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 855 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 865 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon W5+ Gen 1 Wearable Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon Wear 4100+ Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon X55 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR2 5G Platform"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR2130"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCN3610"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

191
2023/28xxx/CVE-2023-28576.json
View File

@ -1,17 +1,200 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28576",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to out-of-bounds read/write issues."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "FastConnect 6800"
},
{
"version_affected": "=",
"version_value": "FastConnect 6900"
},
{
"version_affected": "=",
"version_value": "FastConnect 7800"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 865 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon X55 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR2 5G Platform"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR2130"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

191
2023/28xxx/CVE-2023-28577.json
View File

@ -1,17 +1,200 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28577",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "product-security@qualcomm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Qualcomm, Inc.",
"product": {
"product_data": [
{
"product_name": "Snapdragon",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "FastConnect 6800"
},
{
"version_affected": "=",
"version_value": "FastConnect 6900"
},
{
"version_affected": "=",
"version_value": "FastConnect 7800"
},
{
"version_affected": "=",
"version_value": "QCA6391"
},
{
"version_affected": "=",
"version_value": "QCA6426"
},
{
"version_affected": "=",
"version_value": "QCA6436"
},
{
"version_affected": "=",
"version_value": "QCN9074"
},
{
"version_affected": "=",
"version_value": "QCS410"
},
{
"version_affected": "=",
"version_value": "QCS610"
},
{
"version_affected": "=",
"version_value": "SD865 5G"
},
{
"version_affected": "=",
"version_value": "Snapdragon 8 Gen 1 Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 865 5G Mobile Platform"
},
{
"version_affected": "=",
"version_value": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
},
{
"version_affected": "=",
"version_value": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
},
{
"version_affected": "=",
"version_value": "Snapdragon X55 5G Modem-RF System"
},
{
"version_affected": "=",
"version_value": "Snapdragon XR2 5G Platform"
},
{
"version_affected": "=",
"version_value": "SW5100"
},
{
"version_affected": "=",
"version_value": "SW5100P"
},
{
"version_affected": "=",
"version_value": "SXR2130"
},
{
"version_affected": "=",
"version_value": "WCD9341"
},
{
"version_affected": "=",
"version_value": "WCD9370"
},
{
"version_affected": "=",
"version_value": "WCD9380"
},
{
"version_affected": "=",
"version_value": "WCN3660B"
},
{
"version_affected": "=",
"version_value": "WCN3680B"
},
{
"version_affected": "=",
"version_value": "WCN3950"
},
{
"version_affected": "=",
"version_value": "WCN3980"
},
{
"version_affected": "=",
"version_value": "WCN3988"
},
{
"version_affected": "=",
"version_value": "WSA8810"
},
{
"version_affected": "=",
"version_value": "WSA8815"
},
{
"version_affected": "=",
"version_value": "WSA8830"
},
{
"version_affected": "=",
"version_value": "WSA8835"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin",
"refsource": "MISC",
"name": "https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

130
2023/28xxx/CVE-2023-28830.json
View File

@ -1,17 +1,139 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28830",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter Visualization V13.2 (All versions < V13.2.0.15), Teamcenter Visualization V13.3 (All versions < V13.3.0.11), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted ASM file. An attacker could leverage this vulnerability to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.5"
}
]
}
},
{
"product_name": "Solid Edge SE2022",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V222.0 Update 13"
}
]
}
},
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 4"
}
]
}
},
{
"product_name": "Teamcenter Visualization V13.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V13.2.0.15"
}
]
}
},
{
"product_name": "Teamcenter Visualization V13.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V13.3.0.11"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.1.0.11"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

50
2023/29xxx/CVE-2023-29129.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.4.0), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.3.1 < V3.6.1), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.6.0), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0). The affected versions of the module insufficiently verifies the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.\r\n\r\nThis CVE entry describes the incomplete fix for CVE-2023-25957 in a specific non default configuration."
"value": "A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3 < V1.18.0), Mendix SAML (Mendix 7 compatible) (All versions >= V1.16.4 < V1.17.3), Mendix SAML (Mendix 8 compatible) (All versions >= V2.3.0 < V2.4.0), Mendix SAML (Mendix 8 compatible) (All versions >= V2.2.0 < V2.3.0), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.3.1 < V3.6.1), Mendix SAML (Mendix 9 latest compatible, New Track) (All versions >= V3.1.9 < V3.3.1), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.3.0 < V3.6.0), Mendix SAML (Mendix 9 latest compatible, Upgrade Track) (All versions >= V3.1.8 < V3.3.0), Mendix SAML (Mendix 9.12/9.18 compatible, New Track) (All versions >= V3.3.1 < V3.3.15), Mendix SAML (Mendix 9.12/9.18 compatible, Upgrade Track) (All versions >= V3.3.0 < V3.3.14), Mendix SAML (Mendix 9.6 compatible, New Track) (All versions >= V3.1.9 < V3.2.7), Mendix SAML (Mendix 9.6 compatible, Upgrade Track) (All versions >= V3.1.8 < V3.2.6). The affected versions of the module insufficiently verify the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.\r\n\r\nThis CVE entry describes the incomplete fix for CVE-2023-25957 in a specific non default configuration."
}
]
},
@ -66,7 +66,7 @@
}
},
{
"product_name": "Mendix SAML (Mendix 9 compatible, New Track)",
"product_name": "Mendix SAML (Mendix 9 latest compatible, New Track)",
"version": {
"version_data": [
{
@ -81,7 +81,7 @@
}
},
{
"product_name": "Mendix SAML (Mendix 9 compatible, Upgrade Track)",
"product_name": "Mendix SAML (Mendix 9 latest compatible, Upgrade Track)",
"version": {
"version_data": [
{
@ -94,6 +94,50 @@
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9.12/9.18 compatible, New Track)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V3.3.1 < V3.3.15"
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9.12/9.18 compatible, Upgrade Track)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V3.3.0 < V3.3.14"
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9.6 compatible, New Track)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V3.1.9 < V3.2.7"
}
]
}
},
{
"product_name": "Mendix SAML (Mendix 9.6 compatible, Upgrade Track)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions >= V3.1.8 < V3.2.6"
}
]
}
}
]
}

119
2023/30xxx/CVE-2023-30795.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-30795",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243), Parasolid V35.0 (All versions < V35.0.177), Parasolid V35.1 (All versions < V35.1.073). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "JT Open",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V11.4"
}
]
}
},
{
"product_name": "JT Utilities",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V13.4"
}
]
}
},
{
"product_name": "Parasolid V34.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.0.253"
}
]
}
},
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.243"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.177"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.073"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

75
2023/30xxx/CVE-2023-30796.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-30796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "JT Open",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V11.4"
}
]
}
},
{
"product_name": "JT Utilities",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V13.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-001569.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

6
2023/30xxx/CVE-2023-30985.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < VX.223.0 Update 3), Solid Edge SE2023 (All versions < VX.223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426)"
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain an out of bounds read past the end of an allocated buffer while parsing a specially crafted OBJ file. This vulnerability could allow an attacker to disclose sensitive information. (ZDI-CAN-19426)"
}
]
},
@ -41,11 +41,11 @@
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < VX.223.0 Update 3"
"version_value": "All versions < V223.0 Update 3"
},
{
"version_affected": "=",
"version_value": "All versions < VX.223.0 Update 2"
"version_value": "All versions < V223.0 Update 2"
}
]
}

6
2023/30xxx/CVE-2023-30986.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < VX.223.0 Update 3), Solid Edge SE2023 (All versions < VX.223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19561)"
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 3), Solid Edge SE2023 (All versions < V223.0 Update 2). Affected applications contain a memory corruption vulnerability while parsing specially crafted STP files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19561)"
}
]
},
@ -41,11 +41,11 @@
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < VX.223.0 Update 3"
"version_value": "All versions < V223.0 Update 3"
},
{
"version_affected": "=",
"version_value": "All versions < VX.223.0 Update 2"
"version_value": "All versions < V223.0 Update 2"
}
]
}

64
2023/37xxx/CVE-2023-37372.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-37372",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execute arbitrary SQL queries on the server database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM CROSSBOW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V5.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
]
}

64
2023/37xxx/CVE-2023-37373.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-37373",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306: Missing Authentication for Critical Function",
"cweId": "CWE-306"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "RUGGEDCOM CROSSBOW",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V5.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-472630.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

119
2023/38xxx/CVE-2023-38524.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38524",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476: NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.171"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"baseScore": 3.3,
"baseSeverity": "LOW"
}
]
}

119
2023/38xxx/CVE-2023-38525.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38525",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.171"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

119
2023/38xxx/CVE-2023-38526.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38526",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.171"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

108
2023/38xxx/CVE-2023-38527.json
View File

@ -1,17 +1,117 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38527",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

123
2023/38xxx/CVE-2023-38528.json
View File

@ -1,17 +1,132 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38528",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.197"
},
{
"version_affected": "=",
"version_value": "All versions < V35.1.184"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

119
2023/38xxx/CVE-2023-38529.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38529",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.184"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

119
2023/38xxx/CVE-2023-38530.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38530",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.171"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

119
2023/38xxx/CVE-2023-38531.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38531",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.184"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

119
2023/38xxx/CVE-2023-38532.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38532",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected application contains a stack exhaustion vulnerability while parsing a specially crafted X_T file. This could allow an attacker to cause denial of service condition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Parasolid V34.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V34.1.258"
}
]
}
},
{
"product_name": "Parasolid V35.0",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.0.254"
}
]
}
},
{
"product_name": "Parasolid V35.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V35.1.171"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.6"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.3",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-407785.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H/E:P/RL:O/RC:C",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
}
]
}

64
2023/38xxx/CVE-2023-38641.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38641",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). The affected application's database service is executed as `NT AUTHORITY\\SYSTEM`.\r\nThis could allow a local attacker to execute operating system commands with elevated privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250: Execution with Unnecessary Privileges",
"cweId": "CWE-250"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "SICAM TOOLBOX II",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V07.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-975961.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-975961.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

75
2023/38xxx/CVE-2023-38679.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38679",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21106)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Tecnomatix Plant Simulation V2201",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2201.0008"
}
]
}
},
{
"product_name": "Tecnomatix Plant Simulation V2302",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2302.0002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

75
2023/38xxx/CVE-2023-38680.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38680",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21132)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Tecnomatix Plant Simulation V2201",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2201.0008"
}
]
}
},
{
"product_name": "Tecnomatix Plant Simulation V2302",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2302.0002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

75
2023/38xxx/CVE-2023-38681.json
View File

@ -1,17 +1,84 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38681",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted IGS file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21270)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Tecnomatix Plant Simulation V2201",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2201.0008"
}
]
}
},
{
"product_name": "Tecnomatix Plant Simulation V2302",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V2302.0002"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

97
2023/38xxx/CVE-2023-38682.json
View File

@ -1,17 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38682",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted TIFF files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.5"
}
]
}
},
{
"product_name": "Teamcenter Visualization V13.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V13.2.0.14"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.1.0.10"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

97
2023/38xxx/CVE-2023-38683.json
View File

@ -1,17 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38683",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10), Teamcenter Visualization V14.2 (All versions < V14.2.0.5). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted TIFF file. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "JT2Go",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.5"
}
]
}
},
{
"product_name": "Teamcenter Visualization V13.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V13.2.0.14"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.1",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.1.0.10"
}
]
}
},
{
"product_name": "Teamcenter Visualization V14.2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V14.2.0.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-131450.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39181.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39181",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39182.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39183.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39183",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39184.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PSM files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39185.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39186.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39187.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39188.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39188",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

1637
2023/39xxx/CVE-2023-39269.json
View File

File diff suppressed because it is too large Load Diff

64
2023/39xxx/CVE-2023-39419.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39419",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted DFT files. This could allow an attacker to execute code in the context of the current process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-811403.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

64
2023/39xxx/CVE-2023-39549.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39549",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "productcert@siemens.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 2). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted DWG file. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19562)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Siemens",
"product": {
"product_data": [
{
"product_name": "Solid Edge SE2023",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "All versions < V223.0 Update 2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-932528.pdf"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:T/RC:C",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}