From 2caae01ead981192e52b21d15e671e9edb318b5f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 7 Dec 2023 18:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/23xxx/CVE-2021-23814.json | 5 +++ 2023/33xxx/CVE-2023-33411.json | 61 +++++++++++++++++++++++++++---- 2023/33xxx/CVE-2023-33412.json | 61 +++++++++++++++++++++++++++---- 2023/33xxx/CVE-2023-33413.json | 61 +++++++++++++++++++++++++++---- 2023/39xxx/CVE-2023-39909.json | 56 +++++++++++++++++++++++++---- 2023/40xxx/CVE-2023-40300.json | 56 +++++++++++++++++++++++++---- 2023/40xxx/CVE-2023-40301.json | 56 +++++++++++++++++++++++++---- 2023/40xxx/CVE-2023-40302.json | 56 +++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41168.json | 56 +++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41169.json | 56 +++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41170.json | 56 +++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41171.json | 56 +++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41172.json | 56 +++++++++++++++++++++++++---- 2023/41xxx/CVE-2023-41905.json | 56 +++++++++++++++++++++++++---- 2023/46xxx/CVE-2023-46871.json | 61 +++++++++++++++++++++++++++---- 2023/47xxx/CVE-2023-47440.json | 66 ++++++++++++++++++++++++++++++---- 2023/48xxx/CVE-2023-48958.json | 61 +++++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49404.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49405.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49406.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49408.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49409.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49410.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49411.json | 56 +++++++++++++++++++++++++---- 2023/49xxx/CVE-2023-49787.json | 8 ++--- 2023/49xxx/CVE-2023-49999.json | 56 +++++++++++++++++++++++++---- 2023/50xxx/CVE-2023-50386.json | 18 ++++++++++ 27 files changed, 1262 insertions(+), 148 deletions(-) create mode 100644 2023/50xxx/CVE-2023-50386.json diff --git a/2021/23xxx/CVE-2021-23814.json b/2021/23xxx/CVE-2021-23814.json index 80532e49413..31fa7f6282a 100644 --- a/2021/23xxx/CVE-2021-23814.json +++ b/2021/23xxx/CVE-2021-23814.json @@ -56,6 +56,11 @@ "refsource": "MISC", "url": "https://github.com/UniSharp/laravel-filemanager/blob/master/src/Controllers/UploadController.php%23L26", "name": "https://github.com/UniSharp/laravel-filemanager/blob/master/src/Controllers/UploadController.php%23L26" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/UniSharp/laravel-filemanager/issues/1113#issuecomment-1812092975", + "url": "https://github.com/UniSharp/laravel-filemanager/issues/1113#issuecomment-1812092975" } ] }, diff --git a/2023/33xxx/CVE-2023-33411.json b/2023/33xxx/CVE-2023-33411.json index 78eca0e8b29..2ba3da0b926 100644 --- a/2023/33xxx/CVE-2023-33411.json +++ b/2023/33xxx/CVE-2023-33411.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-33411", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-33411", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://supermicro.com", + "refsource": "MISC", + "name": "http://supermicro.com" + }, + { + "refsource": "MISC", + "name": "https://www.supermicro.com/en/support/security_BMC_Dec_2023", + "url": "https://www.supermicro.com/en/support/security_BMC_Dec_2023" } ] } diff --git a/2023/33xxx/CVE-2023-33412.json b/2023/33xxx/CVE-2023-33412.json index 4f056ed9117..68bc1761f57 100644 --- a/2023/33xxx/CVE-2023-33412.json +++ b/2023/33xxx/CVE-2023-33412.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-33412", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-33412", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targeting vulnerable cgi endpoints." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://supermicro.com", + "refsource": "MISC", + "name": "http://supermicro.com" + }, + { + "refsource": "MISC", + "name": "https://www.supermicro.com/en/support/security_BMC_Dec_2023", + "url": "https://www.supermicro.com/en/support/security_BMC_Dec_2023" } ] } diff --git a/2023/33xxx/CVE-2023-33413.json b/2023/33xxx/CVE-2023-33413.json index 4db88e56c9f..49f3f83e39b 100644 --- a/2023/33xxx/CVE-2023-33413.json +++ b/2023/33xxx/CVE-2023-33413.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-33413", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-33413", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://supermicro.com", + "refsource": "MISC", + "name": "http://supermicro.com" + }, + { + "refsource": "MISC", + "name": "https://www.supermicro.com/en/support/security_BMC_Dec_2023", + "url": "https://www.supermicro.com/en/support/security_BMC_Dec_2023" } ] } diff --git a/2023/39xxx/CVE-2023-39909.json b/2023/39xxx/CVE-2023-39909.json index 378e88e849a..c6dc22c8ef8 100644 --- a/2023/39xxx/CVE-2023-39909.json +++ b/2023/39xxx/CVE-2023-39909.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-39909", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-39909", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.gruppotim.it/it/footer/red-team.html", + "url": "https://www.gruppotim.it/it/footer/red-team.html" } ] } diff --git a/2023/40xxx/CVE-2023-40300.json b/2023/40xxx/CVE-2023-40300.json index c31edb7cc07..07f2a1e8c9f 100644 --- a/2023/40xxx/CVE-2023-40300.json +++ b/2023/40xxx/CVE-2023-40300.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40300", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40300", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/40xxx/CVE-2023-40301.json b/2023/40xxx/CVE-2023-40301.json index 4f94a6be179..e8dca892f31 100644 --- a/2023/40xxx/CVE-2023-40301.json +++ b/2023/40xxx/CVE-2023-40301.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40301", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40301", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/40xxx/CVE-2023-40302.json b/2023/40xxx/CVE-2023-40302.json index c3221f62cd6..6ec94eaf39d 100644 --- a/2023/40xxx/CVE-2023-40302.json +++ b/2023/40xxx/CVE-2023-40302.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40302", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40302", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/41xxx/CVE-2023-41168.json b/2023/41xxx/CVE-2023-41168.json index 8fa9d0e652c..bd00b105ead 100644 --- a/2023/41xxx/CVE-2023-41168.json +++ b/2023/41xxx/CVE-2023-41168.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41168", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41168", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 1 of 4)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/41xxx/CVE-2023-41169.json b/2023/41xxx/CVE-2023-41169.json index ea4707cf749..3f4fd3f7617 100644 --- a/2023/41xxx/CVE-2023-41169.json +++ b/2023/41xxx/CVE-2023-41169.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41169", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41169", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 2 of 4)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/41xxx/CVE-2023-41170.json b/2023/41xxx/CVE-2023-41170.json index ef56e8cfbbe..2a3fddd420b 100644 --- a/2023/41xxx/CVE-2023-41170.json +++ b/2023/41xxx/CVE-2023-41170.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41170", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41170", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NetScout nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/41xxx/CVE-2023-41171.json b/2023/41xxx/CVE-2023-41171.json index 8554f2fb9c4..e24191688f3 100644 --- a/2023/41xxx/CVE-2023-41171.json +++ b/2023/41xxx/CVE-2023-41171.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41171", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41171", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 3 of 4)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/41xxx/CVE-2023-41172.json b/2023/41xxx/CVE-2023-41172.json index b19e67cd3af..16779534dcb 100644 --- a/2023/41xxx/CVE-2023-41172.json +++ b/2023/41xxx/CVE-2023-41172.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41172", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41172", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NetScout nGeniusONE 6.3.4 build 2298 allows a Stored Cross-Site scripting vulnerability (issue 4 of 4)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/41xxx/CVE-2023-41905.json b/2023/41xxx/CVE-2023-41905.json index 6430ec1f749..5883c251b3d 100644 --- a/2023/41xxx/CVE-2023-41905.json +++ b/2023/41xxx/CVE-2023-41905.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41905", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41905", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "NETSCOUT nGeniusONE 6.3.4 build 2298 allows a Reflected Cross-Site scripting (XSS) vulnerability by an authenticated user." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netscout.com/securityadvisories", + "refsource": "MISC", + "name": "https://www.netscout.com/securityadvisories" } ] } diff --git a/2023/46xxx/CVE-2023-46871.json b/2023/46xxx/CVE-2023-46871.json index 0ec83b46a01..315e157c09c 100644 --- a/2023/46xxx/CVE-2023-46871.json +++ b/2023/46xxx/CVE-2023-46871.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-46871", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-46871", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GPAC version 2.3-DEV-rev602-ged8424300-master in MP4Box contains a memory leak in NewSFDouble scenegraph/vrml_tools.c:300. This vulnerability may lead to a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/2658", + "url": "https://github.com/gpac/gpac/issues/2658" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486", + "url": "https://gist.github.com/ReturnHere/d0899bb03b8f5e8fae118f2b76888486" } ] } diff --git a/2023/47xxx/CVE-2023-47440.json b/2023/47xxx/CVE-2023-47440.json index 6b0c2b9c5c3..b0d6552175b 100644 --- a/2023/47xxx/CVE-2023-47440.json +++ b/2023/47xxx/CVE-2023-47440.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-47440", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-47440", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gladys Assistant v4.27.0 and prior is vulnerable to Directory Traversal. The patch of CVE-2023-43256 was found to be incomplete, allowing authenticated attackers to extract sensitive files in the host machine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GladysAssistant/Gladys/pull/1918/commits/4f56ba250ff9f46578f1afa6a97e62e74bad83b7", + "refsource": "MISC", + "name": "https://github.com/GladysAssistant/Gladys/pull/1918/commits/4f56ba250ff9f46578f1afa6a97e62e74bad83b7" + }, + { + "url": "https://blog.moku.fr/cve/", + "refsource": "MISC", + "name": "https://blog.moku.fr/cve/" + }, + { + "refsource": "MISC", + "name": "https://blog.moku.fr/cves/CVE-2023-47440/", + "url": "https://blog.moku.fr/cves/CVE-2023-47440/" } ] } diff --git a/2023/48xxx/CVE-2023-48958.json b/2023/48xxx/CVE-2023-48958.json index 675b9becf0a..9c7c164d663 100644 --- a/2023/48xxx/CVE-2023-48958.json +++ b/2023/48xxx/CVE-2023-48958.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-48958", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-48958", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "gpac 2.3-DEV-rev617-g671976fcc-master contains memory leaks in gf_mpd_resolve_url media_tools/mpd.c:4589." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gpac/gpac/issues/2689", + "refsource": "MISC", + "name": "https://github.com/gpac/gpac/issues/2689" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/dr0v/1204f7a5f1e1497e7bca066638acfbf5", + "url": "https://gist.github.com/dr0v/1204f7a5f1e1497e7bca066638acfbf5" } ] } diff --git a/2023/49xxx/CVE-2023-49404.json b/2023/49xxx/CVE-2023-49404.json index 3dbf8a85163..c44c587ab24 100644 --- a/2023/49xxx/CVE-2023-49404.json +++ b/2023/49xxx/CVE-2023-49404.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49404", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49404", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setAdvancedSetList/w30e_setAdvancedSetList.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setAdvancedSetList/w30e_setAdvancedSetList.md" } ] } diff --git a/2023/49xxx/CVE-2023-49405.json b/2023/49xxx/CVE-2023-49405.json index 1c0d9593202..e1d51f8500d 100644 --- a/2023/49xxx/CVE-2023-49405.json +++ b/2023/49xxx/CVE-2023-49405.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49405", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49405", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_UploadCfg/w30e_UploadCfg.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_UploadCfg/w30e_UploadCfg.md" } ] } diff --git a/2023/49xxx/CVE-2023-49406.json b/2023/49xxx/CVE-2023-49406.json index a1c332f26f7..5c10e0fcd71 100644 --- a/2023/49xxx/CVE-2023-49406.json +++ b/2023/49xxx/CVE-2023-49406.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49406", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49406", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_telnet/w30e_telnet.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_telnet/w30e_telnet.md" } ] } diff --git a/2023/49xxx/CVE-2023-49408.json b/2023/49xxx/CVE-2023-49408.json index 9a442cf9390..bd4bfc91692 100644 --- a/2023/49xxx/CVE-2023-49408.json +++ b/2023/49xxx/CVE-2023-49408.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49408", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49408", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_setBlackRule/AX3-setBlackRule.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_setBlackRule/AX3-setBlackRule.md" } ] } diff --git a/2023/49xxx/CVE-2023-49409.json b/2023/49xxx/CVE-2023-49409.json index 255c6dcf3b1..a5fb9d6e08e 100644 --- a/2023/49xxx/CVE-2023-49409.json +++ b/2023/49xxx/CVE-2023-49409.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49409", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49409", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_telnet/AX3_telnet.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_telnet/AX3_telnet.md" } ] } diff --git a/2023/49xxx/CVE-2023-49410.json b/2023/49xxx/CVE-2023-49410.json index 04660e68be4..7941f118983 100644 --- a/2023/49xxx/CVE-2023-49410.json +++ b/2023/49xxx/CVE-2023-49410.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49410", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49410", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the function set_wan_status." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setIPv6Status/w30e_setIPv6Status.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setIPv6Status/w30e_setIPv6Status.md" } ] } diff --git a/2023/49xxx/CVE-2023-49411.json b/2023/49xxx/CVE-2023-49411.json index 7ed56d272d6..4614f44fa55 100644 --- a/2023/49xxx/CVE-2023-49411.json +++ b/2023/49xxx/CVE-2023-49411.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49411", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49411", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_deleteMesh/w30e_deleteMesh.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_deleteMesh/w30e_deleteMesh.md" } ] } diff --git a/2023/49xxx/CVE-2023-49787.json b/2023/49xxx/CVE-2023-49787.json index f9c5a78db81..08f82e47820 100644 --- a/2023/49xxx/CVE-2023-49787.json +++ b/2023/49xxx/CVE-2023-49787.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-49787", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE request originates from private repository" } ] } diff --git a/2023/49xxx/CVE-2023-49999.json b/2023/49xxx/CVE-2023-49999.json index 16a9d8e3497..c7e75fb14c3 100644 --- a/2023/49xxx/CVE-2023-49999.json +++ b/2023/49xxx/CVE-2023-49999.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-49999", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-49999", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setUmountUSBPartition/w30e_setUmountUSBPartition.md", + "refsource": "MISC", + "name": "https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setUmountUSBPartition/w30e_setUmountUSBPartition.md" } ] } diff --git a/2023/50xxx/CVE-2023-50386.json b/2023/50xxx/CVE-2023-50386.json new file mode 100644 index 00000000000..a29e8a809b5 --- /dev/null +++ b/2023/50xxx/CVE-2023-50386.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-50386", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file