admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-08-08 19:00:34 +00:00
parent 1a34e2d73f
commit 4418488d64
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
17 changed files with 941 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2023/20xxx/CVE-2023-20569.json
View File

@ -554,6 +554,11 @@
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005",
"refsource": "MISC",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7005"
},
{
"url": "http://xenbits.xen.org/xsa/advisory-434.html",
"refsource": "MISC",
"name": "http://xenbits.xen.org/xsa/advisory-434.html"
}
]
},

124
2023/35xxx/CVE-2023-35391.json
View File

@ -1,17 +1,133 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35391",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft Visual Studio 2022 version 17.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.2.0",
"version_value": "17.2.18"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.4.0",
"version_value": "17.4.10"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.6",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.6.0",
"version_value": "17.6.6"
}
]
}
},
{
"product_name": "ASP.NET Core 2.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0",
"version_value": "2.1.40"
}
]
}
},
{
"product_name": ".NET 6.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.21"
}
]
}
},
{
"product_name": ".NET 7.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7.0.0",
"version_value": "7.0.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35391"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.1,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C"
}
]
}

124
2023/36xxx/CVE-2023-36873.json
View File

@ -1,17 +1,133 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-36873",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ".NET Framework Spoofing Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Spoofing"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft .NET Framework 4.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.0",
"version_value": "4.8.4654.06"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.0",
"version_value": "3.5.4654.08"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "3.5.04057.05"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "4.7.04057.05"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.8.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.1",
"version_value": "3.5.09176.01"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.6.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "4.7.04057.05"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36873",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36873"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.4,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C"
}
]
}

6
2023/36xxx/CVE-2023-36884.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Windows Search Security Feature Bypass Vulnerability"
"value": "Windows Search Remote Code Execution Vulnerability"
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
"value": "Remote Code Execution"
}
]
}
@ -312,7 +312,7 @@
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C"
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C"
}
]
}

136
2023/36xxx/CVE-2023-36899.json
View File

@ -1,17 +1,145 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-36899",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ASP.NET Elevation of Privilege Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "Microsoft .NET Framework 4.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.0",
"version_value": "4.8.4654.06"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.8",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.0",
"version_value": "4.8.04654.06"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "4.7.04057.05"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.8.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.8.1",
"version_value": "4.8.09176.01"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 3.5 AND 4.7.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "4.7.4057.05"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 4.6.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.7.0",
"version_value": "4.7.04057.05"
}
]
}
},
{
"product_name": "Microsoft .NET Framework 2.0 Service Pack 2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0.0",
"version_value": "2.0.50727.8974"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36899",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36899"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C"
}
]
}

124
2023/38xxx/CVE-2023-38180.json
View File

@ -1,17 +1,133 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38180",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@microsoft.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": ".NET and Visual Studio Denial of Service Vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Microsoft",
"product": {
"product_data": [
{
"product_name": "ASP.NET Core 2.1",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.0",
"version_value": "2.1.40"
}
]
}
},
{
"product_name": ".NET 6.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "6.0.0",
"version_value": "6.0.21"
}
]
}
},
{
"product_name": ".NET 7.0",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "7.0.0",
"version_value": "7.0.10"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.2",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.2.0",
"version_value": "17.2.18"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.4",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.4.0",
"version_value": "17.4.10"
}
]
}
},
{
"product_name": "Microsoft Visual Studio 2022 version 17.6",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "17.6.0",
"version_value": "17.6.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180",
"refsource": "MISC",
"name": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38180"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C"
}
]
}

4
2023/38xxx/CVE-2023-38815.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-38815",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-40042. Reason: This candidate is a reservation duplicate of CVE-2023-40042. Notes: All CVE users should reference CVE-2023-40042 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

86
2023/39xxx/CVE-2023-39518.json
View File

@ -1,17 +1,95 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39518",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "fobybus",
"product": {
"product_data": [
{
"product_name": "social-media-skeleton",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 1.0.0, < 1.0.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-2jxx-r967-f76p",
"refsource": "MISC",
"name": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-2jxx-r967-f76p"
},
{
"url": "https://github.com/fobybus/social-media-skeleton/pull/4",
"refsource": "MISC",
"name": "https://github.com/fobybus/social-media-skeleton/pull/4"
},
{
"url": "https://github.com/fobybus/social-media-skeleton/commit/6765d1109016e1f1d707ef47917927c7704e6428",
"refsource": "MISC",
"name": "https://github.com/fobybus/social-media-skeleton/commit/6765d1109016e1f1d707ef47917927c7704e6428"
}
]
},
"source": {
"advisory": "GHSA-2jxx-r967-f76p",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

119
2023/39xxx/CVE-2023-39533.json
View File

@ -1,17 +1,128 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39533",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "go-libp2p is the Go implementation of the libp2p Networking Stack. Prior to versions 0.27.8, 0.28.2, and 0.29.1 malicious peer can use large RSA keys to run a resource exhaustion attack & force a node to spend time doing signature verification of the large key. This vulnerability is present in the core/crypto module of go-libp2p and can occur during the Noise handshake and the libp2p x509 extension verification step. To prevent this attack, go-libp2p versions 0.27.8, 0.28.2, and 0.29.1 restrict RSA keys to <= 8192 bits. To protect one's application, it is necessary to update to these patch releases and to use the updated Go compiler in 1.20.7 or 1.19.12. There are no known workarounds for this issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libp2p",
"product": {
"product_data": [
{
"product_name": "go-libp2p",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "< 0.27.8"
},
{
"version_affected": "=",
"version_value": ">= 0.28.0, < 0.28.2"
},
{
"version_affected": "=",
"version_value": "= 0.29.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/libp2p/go-libp2p/security/advisories/GHSA-876p-8259-xjgg",
"refsource": "MISC",
"name": "https://github.com/libp2p/go-libp2p/security/advisories/GHSA-876p-8259-xjgg"
},
{
"url": "https://github.com/golang/go/issues/61460",
"refsource": "MISC",
"name": "https://github.com/golang/go/issues/61460"
},
{
"url": "https://github.com/libp2p/go-libp2p/pull/2454",
"refsource": "MISC",
"name": "https://github.com/libp2p/go-libp2p/pull/2454"
},
{
"url": "https://github.com/quic-go/quic-go/pull/4012",
"refsource": "MISC",
"name": "https://github.com/quic-go/quic-go/pull/4012"
},
{
"url": "https://github.com/golang/go/commit/2350afd2e8ab054390e284c95d5b089c142db017",
"refsource": "MISC",
"name": "https://github.com/golang/go/commit/2350afd2e8ab054390e284c95d5b089c142db017"
},
{
"url": "https://github.com/libp2p/go-libp2p/commit/0cce607219f3710addc7e18672cffd1f1d912fbb",
"refsource": "MISC",
"name": "https://github.com/libp2p/go-libp2p/commit/0cce607219f3710addc7e18672cffd1f1d912fbb"
},
{
"url": "https://github.com/libp2p/go-libp2p/commit/445be526aea4ee0b1fa5388aa65d32b2816d3a00",
"refsource": "MISC",
"name": "https://github.com/libp2p/go-libp2p/commit/445be526aea4ee0b1fa5388aa65d32b2816d3a00"
},
{
"url": "https://github.com/libp2p/go-libp2p/commit/e30fcf7dfd4715ed89a5e68d7a4f774d3b9aa92d",
"refsource": "MISC",
"name": "https://github.com/libp2p/go-libp2p/commit/e30fcf7dfd4715ed89a5e68d7a4f774d3b9aa92d"
}
]
},
"source": {
"advisory": "GHSA-876p-8259-xjgg",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

18
2023/40xxx/CVE-2023-40038.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40038",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/40xxx/CVE-2023-40039.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/40xxx/CVE-2023-40040.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2023/40xxx/CVE-2023-40041.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-40041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setWiFiWpsConfig in /lib/cste_modules/wps.so. Attackers can send crafted data in an MQTT packet, via the pin parameter, to control the return address and execute code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Korey0sh1/IoT_vuln/blob/main/TOTOLINK/T10_V2/lib-cste_modules-wps.md",
"refsource": "MISC",
"name": "https://github.com/Korey0sh1/IoT_vuln/blob/main/TOTOLINK/T10_V2/lib-cste_modules-wps.md"
}
]
}
}

72
2023/40xxx/CVE-2023-40042.json Normal file
View File

@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-40042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "TOTOLINK T10_v2 5.9c.5061_B20200511 has a stack-based buffer overflow in setStaticDhcpConfig in /lib/cste_modules/lan.so. Attackers can send crafted data in an MQTT packet, via the comment parameter, to control the return address and execute code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.totolink.cn",
"refsource": "MISC",
"name": "http://www.totolink.cn"
},
{
"url": "https://github.com/Korey0sh1/IoT_vuln/blob/main/TOTOLINK/T10_V2/setStaticDhcpConfig.md",
"refsource": "MISC",
"name": "https://github.com/Korey0sh1/IoT_vuln/blob/main/TOTOLINK/T10_V2/setStaticDhcpConfig.md"
},
{
"url": "https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/172/ids/36.html",
"refsource": "MISC",
"name": "https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/172/ids/36.html"
}
]
}
}

18
2023/4xxx/CVE-2023-4246.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4246",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/4xxx/CVE-2023-4247.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4247",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/4xxx/CVE-2023-4248.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4248",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}