From 440b02e1b4c756775dc050aa8e75c1ca3be5c1bf Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 22 Mar 2023 12:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2013/10xxx/CVE-2013-10022.json | 18 ++++++ 2023/1xxx/CVE-2023-1559.json | 96 +++++++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1560.json | 101 +++++++++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1561.json | 96 +++++++++++++++++++++++++++++-- 2023/1xxx/CVE-2023-1570.json | 18 ++++++ 2023/1xxx/CVE-2023-1571.json | 18 ++++++ 2023/1xxx/CVE-2023-1572.json | 18 ++++++ 2023/1xxx/CVE-2023-1573.json | 18 ++++++ 8 files changed, 371 insertions(+), 12 deletions(-) create mode 100644 2013/10xxx/CVE-2013-10022.json create mode 100644 2023/1xxx/CVE-2023-1570.json create mode 100644 2023/1xxx/CVE-2023-1571.json create mode 100644 2023/1xxx/CVE-2023-1572.json create mode 100644 2023/1xxx/CVE-2023-1573.json diff --git a/2013/10xxx/CVE-2013-10022.json b/2013/10xxx/CVE-2013-10022.json new file mode 100644 index 00000000000..a21529a5656 --- /dev/null +++ b/2013/10xxx/CVE-2013-10022.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-10022", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1559.json b/2023/1xxx/CVE-2023-1559.json index 0906f951968..996ea407f0e 100644 --- a/2023/1xxx/CVE-2023-1559.json +++ b/2023/1xxx/CVE-2023-1559.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1559", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as problematic was found in SourceCodester Storage Unit Rental Management System 1.0. This vulnerability affects unknown code of the file classes/Users.php?f=save. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223552." + }, + { + "lang": "deu", + "value": "In SourceCodester Storage Unit Rental Management System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei classes/Users.php?f=save. Durch Beeinflussen mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload", + "cweId": "CWE-434" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Storage Unit Rental Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.223552", + "refsource": "MISC", + "name": "https://vuldb.com/?id.223552" + }, + { + "url": "https://vuldb.com/?ctiid.223552", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.223552" + }, + { + "url": "https://github.com/ret2hh/bug_report/blob/main/UPLOAD.md", + "refsource": "MISC", + "name": "https://github.com/ret2hh/bug_report/blob/main/UPLOAD.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "bit3hh (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.7, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 4.7, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1560.json b/2023/1xxx/CVE-2023-1560.json index ef9f3755417..27fe9dd77d9 100644 --- a/2023/1xxx/CVE-2023-1560.json +++ b/2023/1xxx/CVE-2023-1560.json @@ -1,17 +1,110 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1560", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as problematic, has been found in TinyTIFF 3.0.0.0. This issue affects some unknown processing of the file tinytiffreader.c of the component File Handler. The manipulation leads to buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-223553 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in TinyTIFF 3.0.0.0 entdeckt. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei tinytiffreader.c der Komponente File Handler. Dank der Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Umgesetzt werden muss der Angriff lokal. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120 Buffer Overflow", + "cweId": "CWE-120" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "TinyTIFF", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "3.0.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.223553", + "refsource": "MISC", + "name": "https://vuldb.com/?id.223553" + }, + { + "url": "https://vuldb.com/?ctiid.223553", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.223553" + }, + { + "url": "https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF", + "refsource": "MISC", + "name": "https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF" + }, + { + "url": "https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF/blob/main/id8", + "refsource": "MISC", + "name": "https://github.com/10cksYiqiyinHangzhouTechnology/Security-Issue-Report-of-TinyTIFF/blob/main/id8" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "10cksYiqiyinHangzhouTechnology (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 2.8, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 2.8, + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 1.7, + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", + "baseSeverity": "LOW" } ] } diff --git a/2023/1xxx/CVE-2023-1561.json b/2023/1xxx/CVE-2023-1561.json index 8224369d966..f2c05087fe4 100644 --- a/2023/1xxx/CVE-2023-1561.json +++ b/2023/1xxx/CVE-2023-1561.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-1561", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in code-projects Simple Online Hotel Reservation System 1.0. Affected is an unknown function of the file add_room.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. VDB-223554 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in code-projects Simple Online Hotel Reservation System 1.0 gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei add_room.php. Dank Manipulation mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload", + "cweId": "CWE-434" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Simple Online Hotel Reservation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.223554", + "refsource": "MISC", + "name": "https://vuldb.com/?id.223554" + }, + { + "url": "https://vuldb.com/?ctiid.223554", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.223554" + }, + { + "url": "https://github.com/sincere9/Bug-Hub/blob/main/SIMPLE%20ONLINE%20HOTEL%20RESERVATION%20SYSTEM/SIMPLE%20ONLINE%20HOTEL%20RESERVATION%20SYSTEM%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf", + "refsource": "MISC", + "name": "https://github.com/sincere9/Bug-Hub/blob/main/SIMPLE%20ONLINE%20HOTEL%20RESERVATION%20SYSTEM/SIMPLE%20ONLINE%20HOTEL%20RESERVATION%20SYSTEM%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "sincere (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseSeverity": "MEDIUM" } ] } diff --git a/2023/1xxx/CVE-2023-1570.json b/2023/1xxx/CVE-2023-1570.json new file mode 100644 index 00000000000..f45ee2a0769 --- /dev/null +++ b/2023/1xxx/CVE-2023-1570.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1570", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1571.json b/2023/1xxx/CVE-2023-1571.json new file mode 100644 index 00000000000..c967d7f5daa --- /dev/null +++ b/2023/1xxx/CVE-2023-1571.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1571", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1572.json b/2023/1xxx/CVE-2023-1572.json new file mode 100644 index 00000000000..c4199767526 --- /dev/null +++ b/2023/1xxx/CVE-2023-1572.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1572", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1573.json b/2023/1xxx/CVE-2023-1573.json new file mode 100644 index 00000000000..1660d332b4c --- /dev/null +++ b/2023/1xxx/CVE-2023-1573.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1573", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file