admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-12-16 02:00:33 +00:00
parent e4ea0405a5
commit 52c2a07e17
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
21 changed files with 507 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
2021/42xxx/CVE-2021-42794.json
View File

@ -1,18 +1,86 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-42794",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-42794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior. The application allows a client to provide a malicious connection string that could allow an adversary to port scan the LAN, depending on the hosts' responses."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf",
"refsource": "MISC",
"name": "https://www.exploit-db.com/docs/english/17254-connection-string-parameter-pollution-attacks.pdf"
},
{
"url": "https://www.aveva.com/en/products/edge/",
"refsource": "MISC",
"name": "https://www.aveva.com/en/products/edge/"
},
{
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
}

53
2021/42xxx/CVE-2021-42796.json
View File

@ -5,13 +5,62 @@
"CVE_data_meta": {
"ID": "CVE-2021-42796",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.aveva.com/en/products/edge/",
"url": "https://www.aveva.com/en/products/edge/"
},
{
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in ExecuteCommand() in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior that allows unauthenticated arbitrary commands to be executed."
}
]
}

53
2021/42xxx/CVE-2021-42797.json
View File

@ -5,13 +5,62 @@
"CVE_data_meta": {
"ID": "CVE-2021-42797",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.aveva.com/en/products/edge/",
"url": "https://www.aveva.com/en/products/edge/"
},
{
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-326-01"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Path traversal vulnerability in AVEVA Edge (formerly InduSoft Web Studio) versions R2020 and prior allows an unauthenticated user to steal the Windows access token of the user account configured for accessing external DB resources."
}
]
}

53
2022/24xxx/CVE-2022-24351.json
View File

@ -5,13 +5,62 @@
"CVE_data_meta": {
"ID": "CVE-2022-24351",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge",
"url": "https://www.insyde.com/security-pledge"
},
{
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge/SA-2023038",
"url": "https://www.insyde.com/security-pledge/SA-2023038"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TOCTOU race-condition vulnerability in Insyde InsydeH2O with Kernel 5.2 before version 05.27.29, Kernel 5.3 before version 05.36.29, Kernel 5.4 version before 05.44.13, and Kernel 5.5 before version 05.52.13 allows an attacker to alter data and code used by the remainder of the boot process."
}
]
}

4
2023/31xxx/CVE-2023-31813.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-31813",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-2804. Reason: This record is a duplicate of CVE-2023-2804. Notes: All CVE users should reference CVE-2023-2804 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
]
}

64
2023/39xxx/CVE-2023-39340.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39340",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ivanti",
"product": {
"product_data": [
{
"product_name": "Connect Secure",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "22.6.1",
"version_value": "22.6.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://forums.ivanti.com/s/article/Security-fix-release-Ivanti-Connect-Secure-22-6R2-and-22-6R2-1?language=en_US",
"refsource": "MISC",
"name": "https://forums.ivanti.com/s/article/Security-fix-release-Ivanti-Connect-Secure-22-6R2-and-22-6R2-1?language=en_US"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

5
2023/39xxx/CVE-2023-39539.json
View File

@ -67,6 +67,11 @@
"url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023009.pdf",
"refsource": "MISC",
"name": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023009.pdf"
},
{
"url": "https://www.kb.cert.org/vuls/id/811862",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/811862"
}
]
},

5
2023/40xxx/CVE-2023-40238.json
View File

@ -57,6 +57,11 @@
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge"
},
{
"refsource": "CERT-VN",
"name": "VU#811862",
"url": "https://www.kb.cert.org/vuls/id/811862"
},
{
"refsource": "CONFIRM",
"name": "https://www.insyde.com/security-pledge/SA-2023053",

5
2023/46xxx/CVE-2023-46751.json
View File

@ -66,6 +66,11 @@
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=707264",
"refsource": "MISC",
"name": "https://bugs.ghostscript.com/show_bug.cgi?id=707264"
},
{
"refsource": "DEBIAN",
"name": "DSA-5578",
"url": "https://www.debian.org/security/2023/dsa-5578"
}
]
}

18
2023/50xxx/CVE-2023-50933.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50933",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50934.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50934",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50935.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50935",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50936.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50936",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50937.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50937",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50938.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50938",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50939.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50939",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50940.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50940",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50941.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50941",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/50xxx/CVE-2023-50942.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-50942",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2023/5xxx/CVE-2023-5058.json
View File

@ -71,6 +71,11 @@
"url": "https://www.phoenix.com/security-notifications/cve-2023-5058/",
"refsource": "MISC",
"name": "https://www.phoenix.com/security-notifications/cve-2023-5058/"
},
{
"url": "https://www.kb.cert.org/vuls/id/811862",
"refsource": "MISC",
"name": "https://www.kb.cert.org/vuls/id/811862"
}
]
},

18
2023/6xxx/CVE-2023-6884.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6884",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}