admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 21:00:35 +00:00
parent d494bf6ef3
commit 365a207b2c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
17 changed files with 969 additions and 345 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

294
2021/4xxx/CVE-2021-4034.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2021-4034 polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector"
"value": "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "(CWE-787|CWE-125)",
"cweId": "CWE-787"
}
]
}
@ -32,181 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6 Extended Lifecycle Support",
"product_name": "polkit",
"version": {
"version_data": [
{
"version_value": "0:0.96-11.el6_10.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:0.112-26.el7_9.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-12.el7_3.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-12.el7_4.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-18.el7_6.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-18.el7_6.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:0.112-18.el7_6.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-22.el7_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.7 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.112-22.el7_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:0.112-22.el7_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:0.115-13.el8_5.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:0.115-9.el8_1.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.115-11.el8_2.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:0.115-11.el8_4.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.3.21-20220126.0.el7_9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:4.4.10-202202081536_8.5",
"version_affected": "!"
"version_affected": "=",
"version_value": "all"
}
]
}
@ -219,11 +54,21 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"refsource": "MISC",
"name": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
"refsource": "MISC",
"name": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683",
"refsource": "MISC",
@ -249,81 +94,6 @@
"refsource": "MISC",
"name": "https://www.suse.com/support/kb/doc/?id=000020564"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0265",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0265"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0266",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0266"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0267",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0267"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0268",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0268"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0269",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0269"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0270",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0270"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0271",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0271"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0272",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0272"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0273",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0273"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0274",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0274"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0443",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0443"
},
{
"url": "https://access.redhat.com/errata/RHSA-2022:0540",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2022:0540"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2021-4034",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-4034"
},
{
"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001",
"refsource": "MISC",
"name": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf",
"refsource": "MISC",
@ -335,35 +105,5 @@
"name": "https://www.starwindsoftware.com/security/sw-20220818-0001/"
}
]
},
"work_around": [
{
"lang": "en",
"value": "For customers who cannot update immediately and doesn't have Secure Boot feature enabled, the issue can be mitigated by executing the following steps:\n\n1) Install required systemtap packages and dependencies as per - pointed by https://access.redhat.com/solutions/5441\n\n2) Install polkit debug info:\n ~~~\n debuginfo-install polkit\n ~~~\n\n3) Create the following systemtap script, and name it pkexec-block.stp:\n ~~~\n probe process(\"/usr/bin/pkexec\").function(\"main\") {\n if (cmdline_arg(1) == \"\")\n raise(9);\n}\n~~~\n\n4) Load the systemtap module into the running kernel:\n ~~~\n stap -g -F -m stap_pkexec_block pkexec_block.stp\n ~~~\n\n5) Ensure the module is loaded:\n ~~~\n lsmod | grep -i stap_pkexec_block\nstap_pkexec_block 434176 0\n~~~\n\n6) Once polkit package was updated to the version containing the fix, the systemtap generated kernel module can be removed by running:\n ~~~\n rmmod stap_pkexec_block\n ~~~\n\nThis mitigation doesn't work for Secure Boot enabled system as SystemTap would require an external compiling server to be able to sign the generated kernel module\nwith a key enrolled into the Kernel's keyring."
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

76
2022/45xxx/CVE-2022-45962.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-45962",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-45962",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Open Solutions for Education, Inc openSIS Community Edition v8.0 and earlier is vulnerable to SQL Injection via CalendarModal.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/OS4ED/openSIS-Classic",
"refsource": "MISC",
"name": "https://github.com/OS4ED/openSIS-Classic"
},
{
"url": "https://github.com/OS4ED/openSIS-Classic/blob/381a1ad907285182c88e30b8bb6ce91123d9275d/CalendarModal.php#L30",
"refsource": "MISC",
"name": "https://github.com/OS4ED/openSIS-Classic/blob/381a1ad907285182c88e30b8bb6ce91123d9275d/CalendarModal.php#L30"
},
{
"refsource": "MISC",
"name": "https://ccat.gitbook.io/cyber-sec/cve/cve-2022-45962-postauth-sqli",
"url": "https://ccat.gitbook.io/cyber-sec/cve/cve-2022-45962-postauth-sqli"
},
{
"refsource": "MISC",
"name": "https://github.com/OS4ED/openSIS-Classic/commit/81799fd1de74d7b4bf3c4c37ad6042214e48a469#diff-06a8cd9b045bb97531de5ba5122272ffdd519a78b1daa12060e12e337c8d2016",
"url": "https://github.com/OS4ED/openSIS-Classic/commit/81799fd1de74d7b4bf3c4c37ad6042214e48a469#diff-06a8cd9b045bb97531de5ba5122272ffdd519a78b1daa12060e12e337c8d2016"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/OS4ED/openSIS-Classic/commit/81799fd1de74d7b4bf3c4c37ad6042214e48a469",
"url": "https://github.com/OS4ED/openSIS-Classic/commit/81799fd1de74d7b4bf3c4c37ad6042214e48a469"
}
]
}

106
2022/4xxx/CVE-2022-4905.json
View File

@ -1,17 +1,115 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4905",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in UDX Stateless Media Plugin 3.1.1. It has been declared as problematic. This vulnerability affects the function setup_wizard_interface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 3.2.0 is able to address this issue. The name of the patch is 6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a. It is recommended to upgrade the affected component. VDB-220750 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In UDX Stateless Media Plugin 3.1.1 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Es geht um die Funktion setup_wizard_interface der Datei lib/classes/class-settings.php. Mit der Manipulation des Arguments settings mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Ein Aktualisieren auf die Version 3.2.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "UDX",
"product": {
"product_data": [
{
"product_name": "Stateless Media Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.220750",
"refsource": "MISC",
"name": "https://vuldb.com/?id.220750"
},
{
"url": "https://vuldb.com/?ctiid.220750",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.220750"
},
{
"url": "https://github.com/udx/wp-stateless/pull/630",
"refsource": "MISC",
"name": "https://github.com/udx/wp-stateless/pull/630"
},
{
"url": "https://github.com/udx/wp-stateless/commit/6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a",
"refsource": "MISC",
"name": "https://github.com/udx/wp-stateless/commit/6aee7ae0b0beeb2232ce6e1c82aa7e2041ae151a"
},
{
"url": "https://github.com/udx/wp-stateless/releases/tag/3.2.0",
"refsource": "MISC",
"name": "https://github.com/udx/wp-stateless/releases/tag/3.2.0"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}

18
2023/0xxx/CVE-2023-0817.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0817",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0818.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0818",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/0xxx/CVE-2023-0819.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0819",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

56
2023/24xxx/CVE-2023-24084.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24084",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-24084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ChiKoi v1.0 was discovered to contain a SQL injection vulnerability via the load_file function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/tanhongit/2023/ChiKoi",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/tanhongit/2023/ChiKoi"
}
]
}

56
2023/24xxx/CVE-2023-24086.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24086",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-24086",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SLIMS v9.5.2 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /customs/loan_by_class.php?reportView."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.2",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/slims.web.id/SLIMS-9.5.2"
}
]
}

56
2023/24xxx/CVE-2023-24646.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24646",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-24646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Food-Ordering-System-v2.0",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Food-Ordering-System-v2.0"
}
]
}

56
2023/24xxx/CVE-2023-24647.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24647",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-24647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Food-Ordering-System-v2.0/SQLi",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Food-Ordering-System-v2.0/SQLi"
}
]
}

56
2023/24xxx/CVE-2023-24648.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24648",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-24648",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Zstore v6.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.6.0",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.6.0"
}
]
}

98
2023/25xxx/CVE-2023-25160.json
View File

@ -1,17 +1,107 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25160",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Nextcloud Mail is an email app for the Nextcloud home server platform. Prior to versions 2.2.1, 1.14.5, 1.12.9, and 1.11.8, an attacker can access the mail box by ID getting the subjects and the first characters of the emails. Users should upgrade to Mail 2.2.1 for Nextcloud 25, Mail 1.14.5 for Nextcloud 22-24, Mail 1.12.9 for Nextcloud 21, or Mail 1.11.8 for Nextcloud 20 to receive a patch. No known workarounds are available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639: Authorization Bypass Through User-Controlled Key",
"cweId": "CWE-639"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nextcloud",
"product": {
"product_data": [
{
"product_name": "security-advisories",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 1.11.8"
},
{
"version_affected": "=",
"version_value": ">= 1.12.0, < 1.12.9"
},
{
"version_affected": "=",
"version_value": ">= 1.13.0, < 1.14.5"
},
{
"version_affected": "=",
"version_value": ">= 2.0.0, < 2.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-m45f-r5gh-h6cx",
"refsource": "MISC",
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-m45f-r5gh-h6cx"
},
{
"url": "https://github.com/nextcloud/mail/pull/7740",
"refsource": "MISC",
"name": "https://github.com/nextcloud/mail/pull/7740"
},
{
"url": "https://hackerone.com/reports/1784681",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1784681"
}
]
},
"source": {
"advisory": "GHSA-m45f-r5gh-h6cx",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N",
"version": "3.1"
}
]
}

94
2023/25xxx/CVE-2023-25161.json
View File

@ -1,17 +1,103 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25161",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email services. Users should upgrade to Nextcloud Server 25.0.1, 24.0.8, or 23.0.12 or Nextcloud Enterprise Server 25.0.1, 24.0.8, or 23.0.12 to receive a patch. No known workarounds are available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nextcloud",
"product": {
"product_data": [
{
"product_name": "security-advisories",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "= 25.0.0"
},
{
"version_affected": "=",
"version_value": ">= 24.0.0, < 24.0.8"
},
{
"version_affected": "=",
"version_value": "< 23.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-492h-596q-xr2f",
"refsource": "MISC",
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-492h-596q-xr2f"
},
{
"url": "https://github.com/nextcloud/server/pull/34632",
"refsource": "MISC",
"name": "https://github.com/nextcloud/server/pull/34632"
},
{
"url": "https://hackerone.com/reports/1691195",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1691195"
}
]
},
"source": {
"advisory": "GHSA-492h-596q-xr2f",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
]
}

90
2023/25xxx/CVE-2023-25162.json
View File

@ -1,17 +1,99 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25162",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server prior to 24.0.8 and 23.0.12 and Nextcloud Enterprise server prior to 24.0.8 and 23.0.12 are vulnerable to server-side request forgery (SSRF). Attackers can leverage enclosed alphanumeric payloads to bypass IP filters and gain SSRF, which would allow an attacker to read crucial metadata if the server is hosted on the AWS platform. Nextcloud Server 24.0.8 and 23.0.2 and Nextcloud Enterprise Server 24.0.8 and 23.0.12 contain a patch for this issue. No known workarounds are available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-918: Server-Side Request Forgery (SSRF)",
"cweId": "CWE-918"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nextcloud",
"product": {
"product_data": [
{
"product_name": "security-advisories",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 23.0.12"
},
{
"version_affected": "=",
"version_value": ">= 24.0.0, < 24.0.8"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mqrx-grp7-244m",
"refsource": "MISC",
"name": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mqrx-grp7-244m"
},
{
"url": "https://github.com/nextcloud/server/pull/34160",
"refsource": "MISC",
"name": "https://github.com/nextcloud/server/pull/34160"
},
{
"url": "https://hackerone.com/reports/1702864",
"refsource": "MISC",
"name": "https://hackerone.com/reports/1702864"
}
]
},
"source": {
"advisory": "GHSA-mqrx-grp7-244m",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
]
}

61
2023/25xxx/CVE-2023-25240.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25240",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-25240",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An improper SameSite Attribute vulnerability in pimCore v10.5.15 allows attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions",
"refsource": "MISC",
"name": "https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions"
},
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/pimcore/pimCore-10.5.15",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/pimcore/pimCore-10.5.15"
}
]
}

61
2023/25xxx/CVE-2023-25241.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25241",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-25241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "bgERP v22.31 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/bgERP/2023/bgERP-v22.31-Cookie-Session-vulnerability%2BXSS-Reflected",
"refsource": "MISC",
"name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/bgERP/2023/bgERP-v22.31-Cookie-Session-vulnerability%2BXSS-Reflected"
},
{
"url": "https://portswigger.net/kb/issues/00500b01_cookie-manipulation-reflected-dom-based",
"refsource": "MISC",
"name": "https://portswigger.net/kb/issues/00500b01_cookie-manipulation-reflected-dom-based"
}
]
}

100
2023/25xxx/CVE-2023-25572.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-25572",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and using the `<RichTextField>` are affected. `<RichTextField>` outputs the field value using `dangerouslySetInnerHTML` without client-side sanitization. If the data isn't sanitized server-side, this opens a possible cross-site scripting (XSS) attack. Versions 3.19.12 and 4.7.6 now use `DOMPurify` to escape the HTML before outputting it with React and `dangerouslySetInnerHTML`. Users who already sanitize HTML data server-side do not need to upgrade. As a workaround, users may replace the `<RichTextField>` by a custom field doing sanitization by hand."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "marmelab",
"product": {
"product_data": [
{
"product_name": "react-admin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 3.19.12"
},
{
"version_affected": "=",
"version_value": ">= 4.0.0, < 4.7.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/marmelab/react-admin/security/advisories/GHSA-5jcr-82fh-339v",
"refsource": "MISC",
"name": "https://github.com/marmelab/react-admin/security/advisories/GHSA-5jcr-82fh-339v"
},
{
"url": "https://github.com/marmelab/react-admin/pull/8644",
"refsource": "MISC",
"name": "https://github.com/marmelab/react-admin/pull/8644"
},
{
"url": "https://github.com/marmelab/react-admin/pull/8645",
"refsource": "MISC",
"name": "https://github.com/marmelab/react-admin/pull/8645"
},
{
"url": "https://github.com/marmelab/react-admin/releases/tag/v3.19.12",
"refsource": "MISC",
"name": "https://github.com/marmelab/react-admin/releases/tag/v3.19.12"
},
{
"url": "https://github.com/marmelab/react-admin/releases/tag/v4.7.6",
"refsource": "MISC",
"name": "https://github.com/marmelab/react-admin/releases/tag/v4.7.6"
}
]
},
"source": {
"advisory": "GHSA-5jcr-82fh-339v",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}