admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-08-17 19:00:34 +00:00
parent 4a473d5d29
commit 52c7165ad8
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
57 changed files with 735 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/6xxx/CVE-2017-6679.json
View File

@ -71,6 +71,11 @@
"name": "https://support.umbrella.com/hc/en-us/articles/115004154423",
"refsource": "MISC",
"url": "https://support.umbrella.com/hc/en-us/articles/115004154423"
},
{
"refsource": "CISCO",
"name": "20230816 Cisco Umbrella Virtual Appliance Undocumented Support Tunnel Vulnerability",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-umbrella-tunnel-gJw5thgE"
}
]
}

5
2022/30xxx/CVE-2022-30333.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html",
"url": "http://packetstormsecurity.com/files/167989/Zimbra-UnRAR-Path-Traversal.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3534-1] rar security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00022.html"
}
]
}

5
2022/48xxx/CVE-2022-48579.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee",
"refsource": "MISC",
"name": "https://github.com/pmachapman/unrar/commit/2ecab6bb5ac4f3b88f270218445496662020205f#diff-ca3086f578522062d7e390ed2cd7e10f646378a8b8cbf287a6e4db5966df68ee"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3535-1] unrar-nonfree security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00023.html"
}
]
}

10
2023/20xxx/CVE-2023-20593.json
View File

@ -323,6 +323,16 @@
"url": "http://www.openwall.com/lists/oss-security/2023/08/08/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/08/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/5"
}
]
},

5
2023/20xxx/CVE-2023-20867.json
View File

@ -71,6 +71,11 @@
"url": "https://security.netapp.com/advisory/ntap-20230725-0001/",
"refsource": "MISC",
"name": "https://security.netapp.com/advisory/ntap-20230725-0001/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html"
}
]
},

5
2023/21xxx/CVE-2023-21930.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/21xxx/CVE-2023-21937.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/21xxx/CVE-2023-21938.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/21xxx/CVE-2023-21939.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/21xxx/CVE-2023-21954.json
View File

@ -91,6 +91,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/21xxx/CVE-2023-21967.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/21xxx/CVE-2023-21968.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5430",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5430"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/22xxx/CVE-2023-22006.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5458",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5458"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/22xxx/CVE-2023-22036.json
View File

@ -95,6 +95,11 @@
"url": "https://www.debian.org/security/2023/dsa-5458",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5458"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/22xxx/CVE-2023-22041.json
View File

@ -99,6 +99,11 @@
"url": "https://www.debian.org/security/2023/dsa-5458",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5458"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/22xxx/CVE-2023-22045.json
View File

@ -103,6 +103,11 @@
"url": "https://www.debian.org/security/2023/dsa-5458",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5458"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/22xxx/CVE-2023-22049.json
View File

@ -103,6 +103,11 @@
"url": "https://www.debian.org/security/2023/dsa-5458",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5458"
},
{
"url": "https://www.debian.org/security/2023/dsa-5478",
"refsource": "MISC",
"name": "https://www.debian.org/security/2023/dsa-5478"
}
]
},

5
2023/22xxx/CVE-2023-22955.json
View File

@ -66,6 +66,11 @@
"refsource": "FULLDISC",
"name": "20230815 Missing Immutable Root of Trust in Hardware (CWE-1326) / CVE-2023-22955",
"url": "http://seclists.org/fulldisclosure/2023/Aug/17"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/174214/AudioCodes-VoIP-Phones-Insufficient-Firmware-Validation.html",
"url": "http://packetstormsecurity.com/files/174214/AudioCodes-VoIP-Phones-Insufficient-Firmware-Validation.html"
}
]
}

5
2023/22xxx/CVE-2023-22956.json
View File

@ -66,6 +66,11 @@
"refsource": "FULLDISC",
"name": "20230815 Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22956",
"url": "http://seclists.org/fulldisclosure/2023/Aug/16"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/174216/AudioCodes-VoIP-Phones-Hardcoded-Key.html",
"url": "http://packetstormsecurity.com/files/174216/AudioCodes-VoIP-Phones-Hardcoded-Key.html"
}
]
}

5
2023/22xxx/CVE-2023-22957.json
View File

@ -66,6 +66,11 @@
"refsource": "FULLDISC",
"name": "20230815 Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22957",
"url": "http://seclists.org/fulldisclosure/2023/Aug/15"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/174215/AudioCodes-VoIP-Phones-Hardcoded-Key.html",
"url": "http://packetstormsecurity.com/files/174215/AudioCodes-VoIP-Phones-Hardcoded-Key.html"
}
]
}

2
2023/25xxx/CVE-2023-25599.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2 and 20.x, 21.x, and 22.x through 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_presenter.php page. A successful exploit could allow an attacker to execute arbitrary scripts."
"value": "A vulnerability in the conferencing component of Mitel MiVoice Connect through 19.3 SP2, 22.24.1500.0 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the test_presenter.php page. A successful exploit could allow an attacker to execute arbitrary scripts."
}
]
},

61
2023/26xxx/CVE-2023-26469.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-26469",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-26469",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://jorani.org/security-features-in-lms.html",
"refsource": "MISC",
"name": "https://jorani.org/security-features-in-lms.html"
},
{
"refsource": "MISC",
"name": "https://github.com/Orange-Cyberdefense/CVE-repository/tree/master",
"url": "https://github.com/Orange-Cyberdefense/CVE-repository/tree/master"
}
]
}

10
2023/2xxx/CVE-2023-2977.json
View File

@ -68,6 +68,16 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230621 [SECURITY] [DLA 3463-1] opensc security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00025.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2023-29530cc60b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LAR54OV6EHA56B4XJF6RNPQ4HJ2ITU66/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2023-2afb831742",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FJD4Q4AJSGE5UIJI7OUYZY4HGGCVYQNI/"
}
]
},

5
2023/30xxx/CVE-2023-30589.json
View File

@ -98,6 +98,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCVG4TQRGTK4LKAZKVEQAUEJM7DUACYE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IV326O2X4BE3SINX5FJHMAKVHUAA4ZYF/"
}
]
}

5
2023/34xxx/CVE-2023-34634.json
View File

@ -71,6 +71,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.html"
}
]
}

5
2023/38xxx/CVE-2023-38408.json
View File

@ -126,6 +126,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230803-0010/",
"url": "https://security.netapp.com/advisory/ntap-20230803-0010/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230817 [SECURITY] [DLA 3532-1] openssh security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html"
}
]
}

5
2023/38xxx/CVE-2023-38497.json
View File

@ -88,6 +88,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGKE6PGM4HIQUHPJRBQAHMELINSGN4H4/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGKE6PGM4HIQUHPJRBQAHMELINSGN4H4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMEXGUGPW5OBSQA6URTBNDSU3RAEFOZ4/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMEXGUGPW5OBSQA6URTBNDSU3RAEFOZ4/"
}
]
},

5
2023/38xxx/CVE-2023-38633.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-fc79ee273d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R5BCXT5GW6RCL45ZUHUZR4CJG2BAFDVC/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2023-0873c38acd",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/422NTIHIEBRASIG2DWXYBH4ADYMHY626/"
}
]
}

61
2023/38xxx/CVE-2023-38843.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38843",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-38843",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue in Atlos v.1.0 allows an authenticated attacker to execute arbitrary code via a crafted payload into the description field in the incident function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://gist.github.com/senzee1984/ff30f0914db39d2741ab17332f0fc6e1",
"refsource": "MISC",
"name": "https://gist.github.com/senzee1984/ff30f0914db39d2741ab17332f0fc6e1"
},
{
"url": "https://github.com/atlosdotorg/atlos",
"refsource": "MISC",
"name": "https://github.com/atlosdotorg/atlos"
}
]
}

61
2023/38xxx/CVE-2023-38905.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38905",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-38905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/jeecgboot/jeecg-boot/issues/4737",
"refsource": "MISC",
"name": "https://github.com/jeecgboot/jeecg-boot/issues/4737"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/wealeson1/e24fc8575f4e051320d69e9a75080642",
"url": "https://gist.github.com/wealeson1/e24fc8575f4e051320d69e9a75080642"
}
]
}

61
2023/39xxx/CVE-2023-39741.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39741",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39741",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "lrzip v0.651 was discovered to contain a heap overflow via the libzpaq::PostProcessor::write(int) function at /libzpaq/libzpaq.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ckolivas/lrzip/issues/246",
"refsource": "MISC",
"name": "https://github.com/ckolivas/lrzip/issues/246"
},
{
"url": "https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow",
"refsource": "MISC",
"name": "https://github.com/huanglei3/lrzip_poc/tree/main/lrzip_heap_overflow"
}
]
}

61
2023/39xxx/CVE-2023-39743.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39743",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39743",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "lrzip-next LZMA v23.01 was discovered to contain an access violation via the component /bz3_decode_block src/libbz3.c."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/huanglei3/lrzip-next-poc/tree/main",
"refsource": "MISC",
"name": "https://github.com/huanglei3/lrzip-next-poc/tree/main"
},
{
"url": "https://github.com/pete4abw/lrzip-next/issues/132",
"refsource": "MISC",
"name": "https://github.com/pete4abw/lrzip-next/issues/132"
}
]
}

5
2023/40xxx/CVE-2023-40272.json
View File

@ -59,6 +59,11 @@
"url": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/t03gktyzyor20rh06okd91jtqmw6k1l7"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/17/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/17/1"
}
]
},

125
2023/40xxx/CVE-2023-40313.json
View File

@ -1,17 +1,134 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40313",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@opennms.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A BeanShell interpreter in remote server mode runs in OpenMNS Horizon versions earlier than 32.0.2 and in related Meridian versions which could allow arbitrary remote Java code execution. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "The OpenNMS Group",
"product": {
"product_data": [
{
"product_name": "Horizon",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "32.0.2",
"status": "affected",
"version": "29.0.4",
"versionType": "maven"
},
{
"lessThan": "29.0.4",
"status": "unknown",
"version": "0",
"versionType": "maven"
}
],
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Meridian",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "2020.0.0",
"version_value": "2020.1.37"
},
{
"version_affected": "<=",
"version_name": "2021.0.0",
"version_value": "2021.1.29"
},
{
"version_affected": "<=",
"version_name": "2022.0.0",
"version_value": "2022.1.18"
},
{
"version_affected": "<=",
"version_name": "2023.0.0",
"version_value": "2023.1.5"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://docs.opennms.com/horizon/32/releasenotes/changelog.html",
"refsource": "MISC",
"name": "https://docs.opennms.com/horizon/32/releasenotes/changelog.html"
},
{
"url": "https://github.com/OpenNMS/opennms/pull/6368",
"refsource": "MISC",
"name": "https://github.com/OpenNMS/opennms/pull/6368"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
]
}

5
2023/40xxx/CVE-2023-40336.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40337.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40338.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40339.json
View File

@ -71,6 +71,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40340.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3196",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3196"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40341.json
View File

@ -71,6 +71,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40342.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3223",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3223"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40343.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3229",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3229"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40344.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3214%20(1)",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3214%20(1)"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40345.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3214%20(2)",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3214%20(2)"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40346.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3071",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3071"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40347.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3153",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3153"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40348.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2894",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2894"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40349.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2894",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2894"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40350.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2811",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2811"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

5
2023/40xxx/CVE-2023-40351.json
View File

@ -58,6 +58,11 @@
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3201",
"refsource": "MISC",
"name": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3201"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/16/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/08/16/3"
}
]
}

18
2023/40xxx/CVE-2023-40621.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/40xxx/CVE-2023-40622.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/40xxx/CVE-2023-40623.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/40xxx/CVE-2023-40624.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40624",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/40xxx/CVE-2023-40625.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2023/4xxx/CVE-2023-4382.json
View File

@ -67,6 +67,11 @@
"url": "https://vuldb.com/?ctiid.237314",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.237314"
},
{
"url": "http://packetstormsecurity.com/files/174212/Hyip-Rio-2.1-Cross-Site-Scripting-File-Upload.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/174212/Hyip-Rio-2.1-Cross-Site-Scripting-File-Upload.html"
}
]
},

18
2023/4xxx/CVE-2023-4404.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4404",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}