admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-06-09 21:00:40 +00:00
parent d367900c9b
commit 48f8126a61
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 279 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2023/26xxx/CVE-2023-26465.json
View File

@ -4,14 +4,84 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-26465",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@pega.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Pegasystems",
"product": {
"product_data": [
{
"product_name": "Pega Infinity",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_value": "7.2"
},
{
"version_affected": "<",
"version_value": "8.8.2"
}
]
}
}
]
}
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Maciej Piechota"
}
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"AC": "L",
"PR": "L",
"UI": "R",
"S": "U",
"C": "H",
"I": "H",
"A": "H",
"SCORE": "8.0"
}
}
},
"references": {
"reference_data": [
{
"url": "https://support.pega.com/support-doc/pega-security-advisory-a23-vulnerability-remediation-note",
"refsource": "MISC",
"name": "https://support.pega.com/support-doc/pega-security-advisory-a23-vulnerability-remediation-note"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Pega Platform versions 7.2 to 8.8.1 are affected by an XSS issue."
}
]
}

62
2023/29xxx/CVE-2023-29751.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29751",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md"
}
]
}

62
2023/29xxx/CVE-2023-29753.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29753",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29753",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause a denial of service via the SharedPreference files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29753/CVE%20detailed.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29753/CVE%20detailed.md"
}
]
}

106
2023/3xxx/CVE-2023-3187.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-3187",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Teachers Record Management System 1.0. Affected by this issue is some unknown functionality of the file /changeimage.php of the component Profile Picture Handler. The manipulation of the argument newpic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231176."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in PHPGurukul Teachers Record Management System 1.0 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /changeimage.php der Komponente Profile Picture Handler. Dank der Manipulation des Arguments newpic mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload",
"cweId": "CWE-434"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Teachers Record Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.231176",
"refsource": "MISC",
"name": "https://vuldb.com/?id.231176"
},
{
"url": "https://vuldb.com/?ctiid.231176",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.231176"
},
{
"url": "https://github.com/ctflearner/Vulnerability/blob/main/Teacher_Record_Management_System/trms.md",
"refsource": "MISC",
"name": "https://github.com/ctflearner/Vulnerability/blob/main/Teacher_Record_Management_System/trms.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Affan (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}