admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-29 01:00:34 +00:00
parent d6cde306c1
commit 4121ef503c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 537 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

83
2023/40xxx/CVE-2023-40686.json
View File

@ -1,17 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40686",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Management Central as part of IBM i 7.2, 7.3, 7.4, and 7.5 Navigator contains a local privilege escalation vulnerability. A malicious actor with command line access to the operating system can exploit this vulnerability to elevate privileges to gain component access to the operating system. IBM X-Force ID: 264114."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "i",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.2, 7.3, 7.4, 7.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7060686",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7060686"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264114",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/264114"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
]
}

83
2023/43xxx/CVE-2023-43041.json
View File

@ -1,17 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-43041",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM QRadar SIEM 7.5 is vulnerable to information exposure allowing a delegated Admin tenant user with a specific domain security profile assigned to see data from other domains. This vulnerability is due to an incomplete fix for CVE-2022-34352. IBM X-Force ID: 266808."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "QRadar SIEM",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7060803",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7060803"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266808",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266808"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
}

67
2023/46xxx/CVE-2023-46858.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-46858",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** Moodle 4.3 allows /grade/report/grader/index.php?searchvalue= reflected XSS when logged in as a teacher. NOTE: the Moodle Security FAQ link states \"Some forms of rich content [are] used by teachers to enhance their courses ... admins and teachers can post XSS-capable content, but students can not.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gist.github.com/Abid-Ahmad/12d2b4878eb731e8871b96b7d55125cd",
"refsource": "MISC",
"name": "https://gist.github.com/Abid-Ahmad/12d2b4878eb731e8871b96b7d55125cd"
},
{
"refsource": "MISC",
"name": "https://docs.moodle.org/403/en/Security_FAQ#I_have_discovered_Cross_Site_Scripting_.28XSS.29_is_possible_with_Moodle",
"url": "https://docs.moodle.org/403/en/Security_FAQ#I_have_discovered_Cross_Site_Scripting_.28XSS.29_is_possible_with_Moodle"
}
]
}
}

18
2023/46xxx/CVE-2023-46859.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46859",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/46xxx/CVE-2023-46860.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46860",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

92
2023/5xxx/CVE-2023-5838.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-5838",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient Session Expiration in GitHub repository linkstackorg/linkstack prior to v4.2.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-613 Insufficient Session Expiration",
"cweId": "CWE-613"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "linkstackorg",
"product": {
"product_data": [
{
"product_name": "linkstackorg/linkstack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "v4.2.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.com/bounties/8f6feca3-386d-4897-801c-39b9e3e5eb03",
"refsource": "MISC",
"name": "https://huntr.com/bounties/8f6feca3-386d-4897-801c-39b9e3e5eb03"
},
{
"url": "https://github.com/linkstackorg/linkstack/commit/02f620092255f07e1d0252a0190fd42ef773ba05",
"refsource": "MISC",
"name": "https://github.com/linkstackorg/linkstack/commit/02f620092255f07e1d0252a0190fd42ef773ba05"
}
]
},
"source": {
"advisory": "8f6feca3-386d-4897-801c-39b9e3e5eb03",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
}
]
}
}

92
2023/5xxx/CVE-2023-5839.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-5839",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Chaining in GitHub repository hestiacp/hestiacp prior to 1.8.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-268 Privilege Chaining",
"cweId": "CWE-268"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "hestiacp",
"product": {
"product_data": [
{
"product_name": "hestiacp/hestiacp",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "1.8.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.com/bounties/21125f12-64a0-42a3-b218-26b9945a5bc0",
"refsource": "MISC",
"name": "https://huntr.com/bounties/21125f12-64a0-42a3-b218-26b9945a5bc0"
},
{
"url": "https://github.com/hestiacp/hestiacp/commit/acb766e1db53de70534524b3fbc2270689112630",
"refsource": "MISC",
"name": "https://github.com/hestiacp/hestiacp/commit/acb766e1db53de70534524b3fbc2270689112630"
}
]
},
"source": {
"advisory": "21125f12-64a0-42a3-b218-26b9945a5bc0",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}
}

92
2023/5xxx/CVE-2023-5840.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-5840",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password",
"cweId": "CWE-640"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "linkstackorg",
"product": {
"product_data": [
{
"product_name": "linkstackorg/linkstack",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "v4.2.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.com/bounties/8042d8c3-650e-4c0d-9146-d9ccf6082b30",
"refsource": "MISC",
"name": "https://huntr.com/bounties/8042d8c3-650e-4c0d-9146-d9ccf6082b30"
},
{
"url": "https://github.com/linkstackorg/linkstack/commit/fe7b99eae88f9e4c4cd4b00bab372cbf4b584b16",
"refsource": "MISC",
"name": "https://github.com/linkstackorg/linkstack/commit/fe7b99eae88f9e4c4cd4b00bab372cbf4b584b16"
}
]
},
"source": {
"advisory": "8042d8c3-650e-4c0d-9146-d9ccf6082b30",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}
]
}
}