From 27a31fd9f81939f57f142c6a4bca00d4998fd638 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 22 Dec 2023 01:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/21xxx/CVE-2023-21162.json | 2 +- 2023/21xxx/CVE-2023-21163.json | 2 +- 2023/21xxx/CVE-2023-21164.json | 2 +- 2023/21xxx/CVE-2023-21166.json | 2 +- 2023/21xxx/CVE-2023-21215.json | 2 +- 2023/21xxx/CVE-2023-21216.json | 2 +- 2023/21xxx/CVE-2023-21217.json | 2 +- 2023/21xxx/CVE-2023-21218.json | 2 +- 2023/21xxx/CVE-2023-21227.json | 2 +- 2023/21xxx/CVE-2023-21228.json | 2 +- 2023/21xxx/CVE-2023-21263.json | 2 +- 2023/21xxx/CVE-2023-21394.json | 5 ++ 2023/21xxx/CVE-2023-21401.json | 2 +- 2023/21xxx/CVE-2023-21402.json | 2 +- 2023/21xxx/CVE-2023-21403.json | 2 +- 2023/35xxx/CVE-2023-35668.json | 5 ++ 2023/35xxx/CVE-2023-35690.json | 2 +- 2023/40xxx/CVE-2023-40073.json | 5 ++ 2023/40xxx/CVE-2023-40074.json | 5 ++ 2023/40xxx/CVE-2023-40075.json | 5 ++ 2023/40xxx/CVE-2023-40076.json | 5 ++ 2023/40xxx/CVE-2023-40077.json | 5 ++ 2023/40xxx/CVE-2023-40078.json | 5 ++ 2023/40xxx/CVE-2023-40079.json | 5 ++ 2023/40xxx/CVE-2023-40080.json | 5 ++ 2023/40xxx/CVE-2023-40081.json | 5 ++ 2023/40xxx/CVE-2023-40082.json | 5 ++ 2023/40xxx/CVE-2023-40083.json | 10 ++++ 2023/40xxx/CVE-2023-40084.json | 5 ++ 2023/40xxx/CVE-2023-40087.json | 5 ++ 2023/40xxx/CVE-2023-40088.json | 5 ++ 2023/40xxx/CVE-2023-40089.json | 5 ++ 2023/40xxx/CVE-2023-40090.json | 5 ++ 2023/40xxx/CVE-2023-40091.json | 5 ++ 2023/40xxx/CVE-2023-40092.json | 5 ++ 2023/40xxx/CVE-2023-40094.json | 5 ++ 2023/40xxx/CVE-2023-40095.json | 5 ++ 2023/40xxx/CVE-2023-40096.json | 20 +++++++ 2023/40xxx/CVE-2023-40097.json | 5 ++ 2023/40xxx/CVE-2023-40098.json | 5 ++ 2023/40xxx/CVE-2023-40103.json | 15 ++++++ 2023/45xxx/CVE-2023-45773.json | 5 ++ 2023/45xxx/CVE-2023-45774.json | 5 ++ 2023/45xxx/CVE-2023-45775.json | 5 ++ 2023/45xxx/CVE-2023-45776.json | 5 ++ 2023/45xxx/CVE-2023-45777.json | 10 ++++ 2023/45xxx/CVE-2023-45781.json | 10 ++++ 2023/51xxx/CVE-2023-51703.json | 18 +++++++ 2023/7xxx/CVE-2023-7052.json | 95 ++++++++++++++++++++++++++++++++-- 49 files changed, 324 insertions(+), 19 deletions(-) create mode 100644 2023/51xxx/CVE-2023-51703.json diff --git a/2023/21xxx/CVE-2023-21162.json b/2023/21xxx/CVE-2023-21162.json index e2f152e9638..bb08554710e 100644 --- a/2023/21xxx/CVE-2023-21162.json +++ b/2023/21xxx/CVE-2023-21162.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21163.json b/2023/21xxx/CVE-2023-21163.json index dcc359220e3..680defeee8a 100644 --- a/2023/21xxx/CVE-2023-21163.json +++ b/2023/21xxx/CVE-2023-21163.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In PMR_ReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21164.json b/2023/21xxx/CVE-2023-21164.json index 8595fcc2e4c..7caa32c6a7d 100644 --- a/2023/21xxx/CVE-2023-21164.json +++ b/2023/21xxx/CVE-2023-21164.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In DevmemIntMapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21166.json b/2023/21xxx/CVE-2023-21166.json index 8c85331feb8..f164bb7ab34 100644 --- a/2023/21xxx/CVE-2023-21166.json +++ b/2023/21xxx/CVE-2023-21166.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21215.json b/2023/21xxx/CVE-2023-21215.json index f9fbb1f9d39..b7f617c48cc 100644 --- a/2023/21xxx/CVE-2023-21215.json +++ b/2023/21xxx/CVE-2023-21215.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21216.json b/2023/21xxx/CVE-2023-21216.json index b8151bf1f8b..37b030b4b19 100644 --- a/2023/21xxx/CVE-2023-21216.json +++ b/2023/21xxx/CVE-2023-21216.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21217.json b/2023/21xxx/CVE-2023-21217.json index 8fd09589aa5..a5e0c893391 100644 --- a/2023/21xxx/CVE-2023-21217.json +++ b/2023/21xxx/CVE-2023-21217.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21218.json b/2023/21xxx/CVE-2023-21218.json index e735fcae70c..11c9eefa83e 100644 --- a/2023/21xxx/CVE-2023-21218.json +++ b/2023/21xxx/CVE-2023-21218.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21227.json b/2023/21xxx/CVE-2023-21227.json index 80d80812531..9e5bb0b9f30 100644 --- a/2023/21xxx/CVE-2023-21227.json +++ b/2023/21xxx/CVE-2023-21227.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is information disclosure." + "value": "In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21228.json b/2023/21xxx/CVE-2023-21228.json index b7ad4bc9924..83ecb3c03ed 100644 --- a/2023/21xxx/CVE-2023-21228.json +++ b/2023/21xxx/CVE-2023-21228.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21263.json b/2023/21xxx/CVE-2023-21263.json index 6f4845009fa..22dadc37d6f 100644 --- a/2023/21xxx/CVE-2023-21263.json +++ b/2023/21xxx/CVE-2023-21263.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": " In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21394.json b/2023/21xxx/CVE-2023-21394.json index 95e22853f65..f85e8d80df2 100644 --- a/2023/21xxx/CVE-2023-21394.json +++ b/2023/21xxx/CVE-2023-21394.json @@ -65,6 +65,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/services/Telecomm/+/68dca62035c49e14ad26a54f614199cb29a3393f", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/services/Telecomm/+/68dca62035c49e14ad26a54f614199cb29a3393f" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/21xxx/CVE-2023-21401.json b/2023/21xxx/CVE-2023-21401.json index 5a9586db429..b39ef73a2d9 100644 --- a/2023/21xxx/CVE-2023-21401.json +++ b/2023/21xxx/CVE-2023-21401.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21402.json b/2023/21xxx/CVE-2023-21402.json index 11da8316362..9e26d9756ad 100644 --- a/2023/21xxx/CVE-2023-21402.json +++ b/2023/21xxx/CVE-2023-21402.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In MMU_UnmapPages of mmu_common.c, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/21xxx/CVE-2023-21403.json b/2023/21xxx/CVE-2023-21403.json index 1e477829926..54c1e5321e4 100644 --- a/2023/21xxx/CVE-2023-21403.json +++ b/2023/21xxx/CVE-2023-21403.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": "In RGXDestroyZSBufferKM of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/35xxx/CVE-2023-35668.json b/2023/35xxx/CVE-2023-35668.json index 7de5b780b2a..14044d034ba 100644 --- a/2023/35xxx/CVE-2023-35668.json +++ b/2023/35xxx/CVE-2023-35668.json @@ -65,6 +65,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/b7bd7df91740da680a5c3a84d8dd91b4ca6956dd", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/b7bd7df91740da680a5c3a84d8dd91b4ca6956dd" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/35xxx/CVE-2023-35690.json b/2023/35xxx/CVE-2023-35690.json index c54d2891495..54ce566955b 100644 --- a/2023/35xxx/CVE-2023-35690.json +++ b/2023/35xxx/CVE-2023-35690.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "There is elevation of privilege." + "value": " In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation." } ] }, diff --git a/2023/40xxx/CVE-2023-40073.json b/2023/40xxx/CVE-2023-40073.json index 2c5d50ccfa9..d99097c9e5a 100644 --- a/2023/40xxx/CVE-2023-40073.json +++ b/2023/40xxx/CVE-2023-40073.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/fe6fef4f9c1f75c12bffa4a1d16d9990cc3fbc35", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/fe6fef4f9c1f75c12bffa4a1d16d9990cc3fbc35" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40074.json b/2023/40xxx/CVE-2023-40074.json index 4e07af22a6e..e0a2ad55967 100644 --- a/2023/40xxx/CVE-2023-40074.json +++ b/2023/40xxx/CVE-2023-40074.json @@ -65,6 +65,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/40e4ea759743737958dde018f3606d778f7a53f3", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/40e4ea759743737958dde018f3606d778f7a53f3" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40075.json b/2023/40xxx/CVE-2023-40075.json index 42d8d825f49..d9c29837ff7 100644 --- a/2023/40xxx/CVE-2023-40075.json +++ b/2023/40xxx/CVE-2023-40075.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/ae768fbb9975fdab267f525831cb52f485ab0ecc", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/ae768fbb9975fdab267f525831cb52f485ab0ecc" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40076.json b/2023/40xxx/CVE-2023-40076.json index 39c769e8bfd..c20cae13843 100644 --- a/2023/40xxx/CVE-2023-40076.json +++ b/2023/40xxx/CVE-2023-40076.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/9b68987df85b681f9362a3cadca6496796d23bbc", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/9b68987df85b681f9362a3cadca6496796d23bbc" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40077.json b/2023/40xxx/CVE-2023-40077.json index 1fa5ec073b7..5ee8a7c14d2 100644 --- a/2023/40xxx/CVE-2023-40077.json +++ b/2023/40xxx/CVE-2023-40077.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/av/+/58fd993a89a3a22fa5a4a1a4548125c6783ec80c", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/av/+/58fd993a89a3a22fa5a4a1a4548125c6783ec80c" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40078.json b/2023/40xxx/CVE-2023-40078.json index 605271063ea..7440633a5f1 100644 --- a/2023/40xxx/CVE-2023-40078.json +++ b/2023/40xxx/CVE-2023-40078.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/6cdf985a664476659b84d8c74698cb3dfa28f82b", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/6cdf985a664476659b84d8c74698cb3dfa28f82b" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40079.json b/2023/40xxx/CVE-2023-40079.json index d8b28dd50a6..ea4c7ced0f4 100644 --- a/2023/40xxx/CVE-2023-40079.json +++ b/2023/40xxx/CVE-2023-40079.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/96e0524c48c6e58af7d15a2caf35082186fc8de2", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/96e0524c48c6e58af7d15a2caf35082186fc8de2" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40080.json b/2023/40xxx/CVE-2023-40080.json index 327da8bc951..fe547a360c5 100644 --- a/2023/40xxx/CVE-2023-40080.json +++ b/2023/40xxx/CVE-2023-40080.json @@ -57,6 +57,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7b30443dac7bb9138275c909549110191bcbcae9", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7b30443dac7bb9138275c909549110191bcbcae9" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40081.json b/2023/40xxx/CVE-2023-40081.json index 12cb318c573..6e4d11b285e 100644 --- a/2023/40xxx/CVE-2023-40081.json +++ b/2023/40xxx/CVE-2023-40081.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/1a42ae5379269b9e4dac9f5fbf803c6c731c655d", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/1a42ae5379269b9e4dac9f5fbf803c6c731c655d" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40082.json b/2023/40xxx/CVE-2023-40082.json index aef89ff2e49..c1a64b1605a 100644 --- a/2023/40xxx/CVE-2023-40082.json +++ b/2023/40xxx/CVE-2023-40082.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Virtualization/+/0cf463e9949db2d30755fc63a79225a6158928d3", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Virtualization/+/0cf463e9949db2d30755fc63a79225a6158928d3" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40083.json b/2023/40xxx/CVE-2023-40083.json index 3d4ef569d27..5114a22163b 100644 --- a/2023/40xxx/CVE-2023-40083.json +++ b/2023/40xxx/CVE-2023-40083.json @@ -65,6 +65,16 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a218e5be5e4049eae3b321f2a535a128d65d00b6", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a218e5be5e4049eae3b321f2a535a128d65d00b6" + }, + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ea81185c89097500559d61b3d49fb9633899e848", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ea81185c89097500559d61b3d49fb9633899e848" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40084.json b/2023/40xxx/CVE-2023-40084.json index 7e530fa452e..1c17751c4ce 100644 --- a/2023/40xxx/CVE-2023-40084.json +++ b/2023/40xxx/CVE-2023-40084.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/system/netd/+/1b8bddd96b2efd4074b6d4eee377b62077c031bd", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/system/netd/+/1b8bddd96b2efd4074b6d4eee377b62077c031bd" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40087.json b/2023/40xxx/CVE-2023-40087.json index 67aae1125fa..2d3280535c4 100644 --- a/2023/40xxx/CVE-2023-40087.json +++ b/2023/40xxx/CVE-2023-40087.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/243fdf1c0d53bda9e829b4bec9f7c2a824b4d3d1", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/243fdf1c0d53bda9e829b4bec9f7c2a824b4d3d1" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40088.json b/2023/40xxx/CVE-2023-40088.json index e5cc3ad05f3..84bb85e40fb 100644 --- a/2023/40xxx/CVE-2023-40088.json +++ b/2023/40xxx/CVE-2023-40088.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bfd817719fcf55cbb3476e6b5539a3db4c437fc", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/5bfd817719fcf55cbb3476e6b5539a3db4c437fc" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40089.json b/2023/40xxx/CVE-2023-40089.json index 2c0a671d07e..7aad992fdfd 100644 --- a/2023/40xxx/CVE-2023-40089.json +++ b/2023/40xxx/CVE-2023-40089.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/e2e05f488da6abc765a62e7faf10cb74e729732e", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/e2e05f488da6abc765a62e7faf10cb74e729732e" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40090.json b/2023/40xxx/CVE-2023-40090.json index 4b41dc956ca..8c59f79128f 100644 --- a/2023/40xxx/CVE-2023-40090.json +++ b/2023/40xxx/CVE-2023-40090.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/495417bd068c35de0729d9a332639bd0699153ff", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/495417bd068c35de0729d9a332639bd0699153ff" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40091.json b/2023/40xxx/CVE-2023-40091.json index 32abd521e19..d710fc60e98 100644 --- a/2023/40xxx/CVE-2023-40091.json +++ b/2023/40xxx/CVE-2023-40091.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/0ec7b119d41adcbba23f9349e16de9e7e11683f6", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/0ec7b119d41adcbba23f9349e16de9e7e11683f6" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40092.json b/2023/40xxx/CVE-2023-40092.json index a34322b6b6c..0b9af0c3cb5 100644 --- a/2023/40xxx/CVE-2023-40092.json +++ b/2023/40xxx/CVE-2023-40092.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/a5e55363e69b3c84d3f4011c7b428edb1a25752c", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/a5e55363e69b3c84d3f4011c7b428edb1a25752c" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40094.json b/2023/40xxx/CVE-2023-40094.json index fd93e400b59..fba76f4578d 100644 --- a/2023/40xxx/CVE-2023-40094.json +++ b/2023/40xxx/CVE-2023-40094.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40095.json b/2023/40xxx/CVE-2023-40095.json index 87abe3161b6..9957658dee3 100644 --- a/2023/40xxx/CVE-2023-40095.json +++ b/2023/40xxx/CVE-2023-40095.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/d98abeef8f870b60510feafbadcea0c2f9cbae65", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/d98abeef8f870b60510feafbadcea0c2f9cbae65" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40096.json b/2023/40xxx/CVE-2023-40096.json index f2fa6a8cf37..3422f0a4886 100644 --- a/2023/40xxx/CVE-2023-40096.json +++ b/2023/40xxx/CVE-2023-40096.json @@ -69,6 +69,26 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/b0f6558fb36eb76df35c516ec5a65030a34a8734", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/b0f6558fb36eb76df35c516ec5a65030a34a8734" + }, + { + "url": "https://android.googlesource.com/platform/frameworks/native/+/9ddecd3d2b88de5ff7aa890d7ba9967c30d8b183", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/native/+/9ddecd3d2b88de5ff7aa890d7ba9967c30d8b183" + }, + { + "url": "https://android.googlesource.com/platform/frameworks/av/+/148aeea373febc959c429f2cabd8323508c38ad8", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/av/+/148aeea373febc959c429f2cabd8323508c38ad8" + }, + { + "url": "https://android.googlesource.com/platform/frameworks/av/+/5f401fc9f214789d691798620fea60015962370a", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/av/+/5f401fc9f214789d691798620fea60015962370a" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40097.json b/2023/40xxx/CVE-2023-40097.json index 314e378110b..02d89f7c53a 100644 --- a/2023/40xxx/CVE-2023-40097.json +++ b/2023/40xxx/CVE-2023-40097.json @@ -65,6 +65,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/6c9a41117d5a9365cf34e770bbb00138f6bf997e", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/6c9a41117d5a9365cf34e770bbb00138f6bf997e" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40098.json b/2023/40xxx/CVE-2023-40098.json index bcd7042bc3e..fe3e28f7ade 100644 --- a/2023/40xxx/CVE-2023-40098.json +++ b/2023/40xxx/CVE-2023-40098.json @@ -65,6 +65,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/d21ffbe8a2eeb2a5e6da7efbb1a0430ba6b022e0", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/d21ffbe8a2eeb2a5e6da7efbb1a0430ba6b022e0" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/40xxx/CVE-2023-40103.json b/2023/40xxx/CVE-2023-40103.json index 0b1b7f4065b..056c8fba753 100644 --- a/2023/40xxx/CVE-2023-40103.json +++ b/2023/40xxx/CVE-2023-40103.json @@ -53,6 +53,21 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/e4a821b10a1b020f18fc6fc316b13b90fa450bae", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/e4a821b10a1b020f18fc6fc316b13b90fa450bae" + }, + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/58fa254a5d1aee2206de90d5396c01e177483e3a", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/58fa254a5d1aee2206de90d5396c01e177483e3a" + }, + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/c3bc12c484ef3bbca4cec19234437c45af5e584d", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/c3bc12c484ef3bbca4cec19234437c45af5e584d" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/45xxx/CVE-2023-45773.json b/2023/45xxx/CVE-2023-45773.json index e0495b251e9..ddbe4346cbc 100644 --- a/2023/45xxx/CVE-2023-45773.json +++ b/2023/45xxx/CVE-2023-45773.json @@ -57,6 +57,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7b30443dac7bb9138275c909549110191bcbcae9", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/7b30443dac7bb9138275c909549110191bcbcae9" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/45xxx/CVE-2023-45774.json b/2023/45xxx/CVE-2023-45774.json index 49aef541b7b..45c361029cf 100644 --- a/2023/45xxx/CVE-2023-45774.json +++ b/2023/45xxx/CVE-2023-45774.json @@ -69,6 +69,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/f229f0e55b07416badaca0e3493db5af0943c9eb", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/f229f0e55b07416badaca0e3493db5af0943c9eb" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/45xxx/CVE-2023-45775.json b/2023/45xxx/CVE-2023-45775.json index c4dc4533ea9..5741c8dabab 100644 --- a/2023/45xxx/CVE-2023-45775.json +++ b/2023/45xxx/CVE-2023-45775.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8e3b3fc918b3ea77754c6d82ab0f09cce81e145b", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8e3b3fc918b3ea77754c6d82ab0f09cce81e145b" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/45xxx/CVE-2023-45776.json b/2023/45xxx/CVE-2023-45776.json index 202f34ee360..57a8862337d 100644 --- a/2023/45xxx/CVE-2023-45776.json +++ b/2023/45xxx/CVE-2023-45776.json @@ -53,6 +53,11 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8e3b3fc918b3ea77754c6d82ab0f09cce81e145b", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8e3b3fc918b3ea77754c6d82ab0f09cce81e145b" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/45xxx/CVE-2023-45777.json b/2023/45xxx/CVE-2023-45777.json index 020b932abc9..3fe9eedda27 100644 --- a/2023/45xxx/CVE-2023-45777.json +++ b/2023/45xxx/CVE-2023-45777.json @@ -57,6 +57,16 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6" + }, + { + "url": "https://android.googlesource.com/platform/frameworks/base/+/f4644b55d36a549710ba35b6fb797ba744807da6", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/frameworks/base/+/f4644b55d36a549710ba35b6fb797ba744807da6" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/45xxx/CVE-2023-45781.json b/2023/45xxx/CVE-2023-45781.json index f13480e7017..cc4001cbaa9 100644 --- a/2023/45xxx/CVE-2023-45781.json +++ b/2023/45xxx/CVE-2023-45781.json @@ -65,6 +65,16 @@ }, "references": { "reference_data": [ + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a218e5be5e4049eae3b321f2a535a128d65d00b6", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/a218e5be5e4049eae3b321f2a535a128d65d00b6" + }, + { + "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ea81185c89097500559d61b3d49fb9633899e848", + "refsource": "MISC", + "name": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ea81185c89097500559d61b3d49fb9633899e848" + }, { "url": "https://source.android.com/security/bulletin/2023-12-01", "refsource": "MISC", diff --git a/2023/51xxx/CVE-2023-51703.json b/2023/51xxx/CVE-2023-51703.json new file mode 100644 index 00000000000..2d1b77a90d6 --- /dev/null +++ b/2023/51xxx/CVE-2023-51703.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-51703", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/7xxx/CVE-2023-7052.json b/2023/7xxx/CVE-2023-7052.json index 5ca1fa326e8..39c91976cc4 100644 --- a/2023/7xxx/CVE-2023-7052.json +++ b/2023/7xxx/CVE-2023-7052.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-7052", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0. It has been classified as problematic. This affects an unknown part of the file /user/profile.php. The manipulation of the argument name leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-248739." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in PHPGurukul Online Notes Sharing System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /user/profile.php. Durch das Manipulieren des Arguments name mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Online Notes Sharing System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.248739", + "refsource": "MISC", + "name": "https://vuldb.com/?id.248739" + }, + { + "url": "https://vuldb.com/?ctiid.248739", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.248739" + }, + { + "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_profile_notes.md", + "refsource": "MISC", + "name": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_profile_notes.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "dhabaleshwar (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 4.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5, + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ] }