admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-21 15:00:35 +00:00
parent 830027058f
commit 42049707bb
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 441 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2023/37xxx/CVE-2023-37728.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability."
"value": "Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter."
}
]
},

72
2023/38xxx/CVE-2023-38646.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-38646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.metabase.com/blog/security-advisory",
"refsource": "MISC",
"name": "https://www.metabase.com/blog/security-advisory"
},
{
"url": "https://github.com/metabase/metabase/releases/tag/v0.46.6.1",
"refsource": "MISC",
"name": "https://github.com/metabase/metabase/releases/tag/v0.46.6.1"
},
{
"url": "https://news.ycombinator.com/item?id=36812256",
"refsource": "MISC",
"name": "https://news.ycombinator.com/item?id=36812256"
}
]
}
}

92
2023/3xxx/CVE-2023-3819.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3819",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pimcore",
"product": {
"product_data": [
{
"product_name": "pimcore/pimcore",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "10.6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/be5e4d4c-1b0b-4c01-a1fc-00533135817c",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/be5e4d4c-1b0b-4c01-a1fc-00533135817c"
},
{
"url": "https://github.com/pimcore/pimcore/commit/0237527b3244d251fa5ecd4912dfe4f8b2125c54",
"refsource": "MISC",
"name": "https://github.com/pimcore/pimcore/commit/0237527b3244d251fa5ecd4912dfe4f8b2125c54"
}
]
},
"source": {
"advisory": "be5e4d4c-1b0b-4c01-a1fc-00533135817c",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"baseScore": 7.6,
"baseSeverity": "HIGH"
}
]
}
}

92
2023/3xxx/CVE-2023-3820.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3820",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": " SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pimcore",
"product": {
"product_data": [
{
"product_name": "pimcore/pimcore",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "10.6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/b00a38b6-d040-494d-bf46-38f46ac1a1db",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/b00a38b6-d040-494d-bf46-38f46ac1a1db"
},
{
"url": "https://github.com/pimcore/pimcore/commit/e641968979d4a2377bbea5e2a76bdede040d0b97",
"refsource": "MISC",
"name": "https://github.com/pimcore/pimcore/commit/e641968979d4a2377bbea5e2a76bdede040d0b97"
}
]
},
"source": {
"advisory": "b00a38b6-d040-494d-bf46-38f46ac1a1db",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH"
}
]
}
}

92
2023/3xxx/CVE-2023-3821.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3821",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pimcore",
"product": {
"product_data": [
{
"product_name": "pimcore/pimcore",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "10.6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/599ba4f6-c900-4161-9127-f1e6a6e29aaa",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/599ba4f6-c900-4161-9127-f1e6a6e29aaa"
},
{
"url": "https://github.com/pimcore/pimcore/commit/92811f07d39e4ad95c92003868f5f7309489d79c",
"refsource": "MISC",
"name": "https://github.com/pimcore/pimcore/commit/92811f07d39e4ad95c92003868f5f7309489d79c"
}
]
},
"source": {
"advisory": "599ba4f6-c900-4161-9127-f1e6a6e29aaa",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:H",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
}
]
}
}

92
2023/3xxx/CVE-2023-3822.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3822",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pimcore",
"product": {
"product_data": [
{
"product_name": "pimcore/pimcore",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "10.6.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/2a3a13fe-2a9a-4d1a-8814-fd8ed1e3b1d5",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/2a3a13fe-2a9a-4d1a-8814-fd8ed1e3b1d5"
},
{
"url": "https://github.com/pimcore/pimcore/commit/d75888a9b14baaad591548463cca09dfd1395236",
"refsource": "MISC",
"name": "https://github.com/pimcore/pimcore/commit/d75888a9b14baaad591548463cca09dfd1395236"
}
]
},
"source": {
"advisory": "2a3a13fe-2a9a-4d1a-8814-fd8ed1e3b1d5",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"baseScore": 6,
"baseSeverity": "MEDIUM"
}
]
}
}