admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-03-24 16:00:34 +00:00
parent bbed35977d
commit 53eb87f06f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
17 changed files with 391 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/12xxx/CVE-2020-12403.json
View File

@ -58,6 +58,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3327-1] nss security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00021.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230324-0006/",
"url": "https://security.netapp.com/advisory/ntap-20230324-0006/"
}
]
},

2
2022/23xxx/CVE-2022-23397.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability."
"value": "** DISPUTED ** The Cedar Gate EZ-NET portal 6.5.5 6.8.0 Internet portal has a call to display messages to users which does not properly sanitize data sent in through a URL parameter. This leads to a Reflected Cross-Site Scripting vulnerability. NOTE: the vendor disputes this because the ado.im reference has \"no clear steps of reproduction.\""
}
]
},

92
2022/38xxx/CVE-2022-38745.json
View File

@ -1,18 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-38745",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-1188 Insecure Default Initialization of Resource",
"cweId": "CWE-1188"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-427 Uncontrolled Search Path Element",
"cweId": "CWE-427"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "4.1.14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0"
},
{
"url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html",
"refsource": "MISC",
"name": "https://www.openoffice.org/security/cves/CVE-2022-38745.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "European Commission's Open Source Programme Office"
}
]
}

5
2022/3xxx/CVE-2022-3219.json
View File

@ -68,6 +68,11 @@
"refsource": "MISC",
"name": "https://dev.gnupg.org/T5993",
"url": "https://dev.gnupg.org/T5993"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230324-0001/",
"url": "https://security.netapp.com/advisory/ntap-20230324-0001/"
}
]
},

83
2022/47xxx/CVE-2022-47502.json
View File

@ -1,18 +1,91 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-47502",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments. Several URI Schemes are defined for this purpose. Links can be activated by clicks, or by automatic document events. The execution of such links must be subject to user approval. In the affected versions of OpenOffice, approval for certain links is not requested; when activated, such links could therefore result in arbitrary script execution."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')",
"cweId": "CWE-88"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache OpenOffice",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "4.1.13"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://lists.apache.org/thread/xr6tl91jj2jgcq8pdbrc4d8w13s6xn80",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/xr6tl91jj2jgcq8pdbrc4d8w13s6xn80"
},
{
"url": "https://www.openoffice.org/security/cves/CVE-2022-47502.html",
"refsource": "MISC",
"name": "https://www.openoffice.org/security/cves/CVE-2022-47502.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Altin Thartori (tin-z)"
}
]
}

5
2022/4xxx/CVE-2022-4492.json
View File

@ -53,6 +53,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2022-4492",
"url": "https://access.redhat.com/security/cve/CVE-2022-4492"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230324-0002/",
"url": "https://security.netapp.com/advisory/ntap-20230324-0002/"
}
]
},

5
2023/0xxx/CVE-2023-0361.json
View File

@ -78,6 +78,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-4fc4c33f2b",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230324-0005/",
"url": "https://security.netapp.com/advisory/ntap-20230324-0005/"
}
]
},

5
2023/0xxx/CVE-2023-0804.json
View File

@ -68,6 +68,11 @@
"refsource": "DEBIAN",
"name": "DSA-5361",
"url": "https://www.debian.org/security/2023/dsa-5361"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230324-0009/",
"url": "https://security.netapp.com/advisory/ntap-20230324-0009/"
}
]
},

18
2023/1xxx/CVE-2023-1623.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-1623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2023/24xxx/CVE-2023-24329.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/python/cpython/pull/99421",
"refsource": "MISC",
"name": "https://github.com/python/cpython/pull/99421"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20230324-0004/",
"url": "https://security.netapp.com/advisory/ntap-20230324-0004/"
}
]
}

75
2023/28xxx/CVE-2023-28152.json
View File

@ -1,18 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28152",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-28152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Independentsoft JWord before 1.1.110. The API is prone to XML external entity (XXE) injection via a remote DTD in a DOCX file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.independentsoft.de/jword/index.html",
"refsource": "MISC",
"name": "https://www.independentsoft.de/jword/index.html"
},
{
"url": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-28152",
"refsource": "MISC",
"name": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-28152"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N",
"version": "3.1"
}
}
}

18
2023/28xxx/CVE-2023-28827.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28827",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/28xxx/CVE-2023-28828.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28828",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/28xxx/CVE-2023-28829.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28829",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/28xxx/CVE-2023-28830.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28830",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/28xxx/CVE-2023-28831.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28831",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/28xxx/CVE-2023-28832.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28832",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}