admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-09-28 14:00:35 +00:00
parent bf5ebc576b
commit 5f4d8956c3
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
41 changed files with 1497 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/11xxx/CVE-2018-11245.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/MISP/MISP/commit/5efc07b12f82301a6086fd3433fedd69fe7119d3", "name": "https://github.com/MISP/MISP/commit/5efc07b12f82301a6086fd3433fedd69fe7119d3",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/MISP/MISP/commit/5efc07b12f82301a6086fd3433fedd69fe7119d3" "url": "https://github.com/MISP/MISP/commit/5efc07b12f82301a6086fd3433fedd69fe7119d3"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-xss-with-cortex-type-attributes/",
"url": "https://zigrin.com/advisories/misp-xss-with-cortex-type-attributes/"
} }
] ]
} }

5
2019/12xxx/CVE-2019-12868.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/MISP/MISP/commit/c42c5fe92783dd306b7600db1f6a25324445b40c", "url": "https://github.com/MISP/MISP/commit/c42c5fe92783dd306b7600db1f6a25324445b40c",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/c42c5fe92783dd306b7600db1f6a25324445b40c" "name": "https://github.com/MISP/MISP/commit/c42c5fe92783dd306b7600db1f6a25324445b40c"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-command-injection-via-phar-deserialization/",
"url": "https://zigrin.com/advisories/misp-command-injection-via-phar-deserialization/"
} }
] ]
} }

5
2020/25xxx/CVE-2020-25215.json
View File

@ -56,6 +56,11 @@
"url": "https://www.yworks.com/products/yed/download", "url": "https://www.yworks.com/products/yed/download",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.yworks.com/products/yed/download" "name": "https://www.yworks.com/products/yed/download"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/yworks-yed-graph-editor-xml-external-entity-injection/",
"url": "https://zigrin.com/advisories/yworks-yed-graph-editor-xml-external-entity-injection/"
} }
] ]
} }

5
2020/25xxx/CVE-2020-25216.json
View File

@ -56,6 +56,11 @@
"url": "https://www.yworks.com/products/yed/download", "url": "https://www.yworks.com/products/yed/download",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.yworks.com/products/yed/download" "name": "https://www.yworks.com/products/yed/download"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/yworks-yed-graph-editor-xslt-remote-code-execution-in-xml/",
"url": "https://zigrin.com/advisories/yworks-yed-graph-editor-xslt-remote-code-execution-in-xml/"
} }
] ]
} }

10
2020/8xxx/CVE-2020-8893.json
View File

@ -61,6 +61,16 @@
"url": "https://github.com/MISP/MISP/commit/3d982d92fd26584115c01f8c560a688d1096b65c", "url": "https://github.com/MISP/MISP/commit/3d982d92fd26584115c01f8c560a688d1096b65c",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/3d982d92fd26584115c01f8c560a688d1096b65c" "name": "https://github.com/MISP/MISP/commit/3d982d92fd26584115c01f8c560a688d1096b65c"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-reflected-xss-in-galaxy-view/",
"url": "https://zigrin.com/advisories/misp-reflected-xss-in-galaxy-view/"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-bruteforce-protection-not-working-in-very-specific-environments/",
"url": "https://zigrin.com/advisories/misp-bruteforce-protection-not-working-in-very-specific-environments/"
} }
] ]
} }

5
2020/8xxx/CVE-2020-8894.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/MISP/MISP/commit/9400b8bc8699435d84508e598aca98a31affd77c", "url": "https://github.com/MISP/MISP/commit/9400b8bc8699435d84508e598aca98a31affd77c",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/9400b8bc8699435d84508e598aca98a31affd77c" "name": "https://github.com/MISP/MISP/commit/9400b8bc8699435d84508e598aca98a31affd77c"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-mishandling-of-discussion-threads-acls/",
"url": "https://zigrin.com/advisories/misp-mishandling-of-discussion-threads-acls/"
} }
] ]
} }

5
2020/9xxx/CVE-2020-9405.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather", "url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather" "name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/online-weather-reflected-xss-in-redirect-page/",
"url": "https://zigrin.com/advisories/online-weather-reflected-xss-in-redirect-page/"
} }
] ]
}, },

5
2020/9xxx/CVE-2020-9406.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather", "url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather" "name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/online-weather-command-injection-in-querybcp-method/",
"url": "https://zigrin.com/advisories/online-weather-command-injection-in-querybcp-method/"
} }
] ]
}, },

5
2020/9xxx/CVE-2020-9407.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather", "url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather" "name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/Online_Weather"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/online-weather-information-disclosure-in-cookie/",
"url": "https://zigrin.com/advisories/online-weather-information-disclosure-in-cookie/"
} }
] ]
}, },

5
2021/37xxx/CVE-2021-37742.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/MISP/MISP/commit/af50add82433eb2a740c3621b99d9d14d2b1e192", "url": "https://github.com/MISP/MISP/commit/af50add82433eb2a740c3621b99d9d14d2b1e192",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/MISP/MISP/commit/af50add82433eb2a740c3621b99d9d14d2b1e192" "name": "https://github.com/MISP/MISP/commit/af50add82433eb2a740c3621b99d9d14d2b1e192"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-stored-xss-when-viewing-galaxy-cluster-relationships/",
"url": "https://zigrin.com/advisories/misp-stored-xss-when-viewing-galaxy-cluster-relationships/"
} }
] ]
} }

5
2021/41xxx/CVE-2021-41326.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/MISP/MISP/compare/v2.4.147...v2.4.148", "url": "https://github.com/MISP/MISP/compare/v2.4.147...v2.4.148",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/MISP/MISP/compare/v2.4.147...v2.4.148" "name": "https://github.com/MISP/MISP/compare/v2.4.147...v2.4.148"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/misp-command-injection-vulnerability-in-opendata-export/",
"url": "https://zigrin.com/advisories/misp-command-injection-vulnerability-in-opendata-export/"
} }
] ]
} }

5
2021/42xxx/CVE-2021-42369.json
View File

@ -61,6 +61,11 @@
"url": "https://www.imagicle.com/en/resources/download/", "url": "https://www.imagicle.com/en/resources/download/",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.imagicle.com/en/resources/download/" "name": "https://www.imagicle.com/en/resources/download/"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/imagicle-sql-injection-vulnerability-in-contacts-csv-export/",
"url": "https://zigrin.com/advisories/imagicle-sql-injection-vulnerability-in-contacts-csv-export/"
} }
] ]
}, },

5
2021/44xxx/CVE-2021-44725.json
View File

@ -56,6 +56,11 @@
"url": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes", "url": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes",
"refsource": "MISC", "refsource": "MISC",
"name": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes" "name": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/knime-server-directory-path-traversal-in-the-profiles-section/",
"url": "https://zigrin.com/advisories/knime-server-directory-path-traversal-in-the-profiles-section/"
} }
] ]
}, },

5
2021/44xxx/CVE-2021-44726.json
View File

@ -56,6 +56,11 @@
"url": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes", "url": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes",
"refsource": "MISC", "refsource": "MISC",
"name": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes" "name": "https://docs.knime.com/2021-06/server_update_guide/index.html#_bugfixes"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/knime-server-dom-based-xss-in-a-login-panel/",
"url": "https://zigrin.com/advisories/knime-server-dom-based-xss-in-a-login-panel/"
} }
] ]
}, },

5
2021/45xxx/CVE-2021-45096.json
View File

@ -66,6 +66,11 @@
"url": "https://github.com/dawid-czarnecki/public-vulnerabilities", "url": "https://github.com/dawid-czarnecki/public-vulnerabilities",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/dawid-czarnecki/public-vulnerabilities" "name": "https://github.com/dawid-czarnecki/public-vulnerabilities"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/knime-analytics-platform-external-xml-entity-injection/",
"url": "https://zigrin.com/advisories/knime-analytics-platform-external-xml-entity-injection/"
} }
] ]
}, },

5
2021/45xxx/CVE-2021-45097.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/KNIME/CVE-weak-file-permission", "url": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/KNIME/CVE-weak-file-permission",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/KNIME/CVE-weak-file-permission" "name": "https://github.com/dawid-czarnecki/public-vulnerabilities/tree/master/KNIME/CVE-weak-file-permission"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/knime-server-weak-file-permissions/",
"url": "https://zigrin.com/advisories/knime-server-weak-file-permissions/"
} }
] ]
}, },

5
2022/25xxx/CVE-2022-25317.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/cerebrate-project/cerebrate/commit/e60d97c214f9ac6df90c87241b3b3554afc06238", "url": "https://github.com/cerebrate-project/cerebrate/commit/e60d97c214f9ac6df90c87241b3b3554afc06238",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/cerebrate-project/cerebrate/commit/e60d97c214f9ac6df90c87241b3b3554afc06238" "name": "https://github.com/cerebrate-project/cerebrate/commit/e60d97c214f9ac6df90c87241b3b3554afc06238"
},
{
"refsource": "MISC",
"name": "https://zigrin.com/advisories/cerebrate-reflected-xss-in-form-descriptions/",
"url": "https://zigrin.com/advisories/cerebrate-reflected-xss-in-form-descriptions/"
} }
] ]
} }

104
2022/47xxx/CVE-2022-47186.json
View File

@ -1,17 +1,113 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-47186", "ID": "CVE-2022-47186",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve-coordination@incibe.es",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "There is an unrestricted upload of file vulnerability in Generex CS141 below 2.06 version. An attacker could upload and/or delete any type of file, without any format restriction and without any authentication, in the \"upload\" directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"cweId": "CWE-434"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Generex",
"product": {
"product_data": [
{
"product_name": "UPS CS141",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.06"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141",
"refsource": "MISC",
"name": "https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141"
},
{
"url": "https://www.generex.de/support/changelogs/cs141/page:2",
"refsource": "MISC",
"name": "https://www.generex.de/support/changelogs/cs141/page:2"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"source": {
"advisory": "INCIBE-2023-0071",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>This vulnerability, has been fixed by Generex team in CS141 version 2.06, released on April 2022.</p>"
}
],
"value": "This vulnerability, has been fixed by Generex team in CS141 version 2.06, released on April 2022.\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Joel G\u00e1mez Molina (@JoelGMSec)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
} }
] ]
} }

104
2022/47xxx/CVE-2022-47187.json
View File

@ -1,17 +1,113 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2022-47187", "ID": "CVE-2022-47187",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve-coordination@incibe.es",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "There is a file upload XSS vulnerability in Generex CS141 below 2.06 version. The web application allows file uploading, making it possible to upload a file with HTML content. When HTML files are allowed, XSS payload can be injected into the uploaded file.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Generex",
"product": {
"product_data": [
{
"product_name": "UPS CS141",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "2.06"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141",
"refsource": "MISC",
"name": "https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141"
},
{
"url": "https://www.generex.de/support/changelogs/cs141/2-12",
"refsource": "MISC",
"name": "https://www.generex.de/support/changelogs/cs141/2-12"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"source": {
"advisory": "INCIBE-2023-0071",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>This vulnerability, has been fixed by Generex team in CS141 version 2.12, released on December 2022.</p>"
}
],
"value": "This vulnerability, has been fixed by Generex team in CS141 version 2.12, released on December 2022.\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Joel G\u00e1mez Molina (@JoelGMSec)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
} }
] ]
} }

86
2023/40xxx/CVE-2023-40307.json
View File

@ -1,17 +1,95 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-40307", "ID": "CVE-2023-40307",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cna@sap.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An attacker with standard privileges on macOS when requesting administrator privileges from the application can submit input which causes a buffer overflow resulting in a crash of the application. This could make the application unavailable and allow reading or modification of data.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SAP SE",
"product": {
"product_data": [
{
"product_name": "SAP Privileges",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "1.5.4"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/SAP/macOS-enterprise-privileges/security/advisories/GHSA-rgq4-wxpj-5jv9",
"refsource": "MISC",
"name": "https://github.com/SAP/macOS-enterprise-privileges/security/advisories/GHSA-rgq4-wxpj-5jv9"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
} }
] ]
} }

186
2023/42xxx/CVE-2023-42756.json
View File

@ -1,17 +1,195 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-42756", "ID": "CVE-2023-42756",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A flaw was found in the Netfilter subsystem of the Linux kernel. A race condition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel panic due to the invocation of `__ip_set_put` on a wrong `set`. This issue may allow a local user to crash the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "6.6-rc3",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42756",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-42756"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239848",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2239848"
},
{
"url": "https://seclists.org/oss-sec/2023/q3/242",
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2023/q3/242"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43860.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43860",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43860",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanNonLogin function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43861.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43861",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43861",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanPPPoE function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43862.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43862",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43862",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formLanguageChange function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43863.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43863",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43863",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanDhcpplus function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43864.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43864",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43864",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard55 function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43865.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43865",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43865",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanPPTP function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43866.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43866",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43866",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard7 function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43867.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43867",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43867",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWanL2TP function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

61
2023/43xxx/CVE-2023-43868.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43868",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43868",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via websGetVar function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md",
"refsource": "MISC",
"name": "https://github.com/YTrick/vuln/blob/main/DIR-619L%20Buffer%20Overflow_1.md"
} }
] ]
} }

2
2023/43xxx/CVE-2023-43869.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 Function." "value": "D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function."
} }
] ]
}, },

56
2023/43xxx/CVE-2023-43871.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43871",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43871",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A File upload vulnerability in WBCE v.1.6.1 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/sromanhu/WBCE-File-Upload--XSS---Media/blob/main/README.md",
"refsource": "MISC",
"name": "https://github.com/sromanhu/WBCE-File-Upload--XSS---Media/blob/main/README.md"
} }
] ]
} }

56
2023/43xxx/CVE-2023-43872.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43872",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43872",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/sromanhu/CMSmadesimple-File-Upload--XSS---File-Manager",
"refsource": "MISC",
"name": "https://github.com/sromanhu/CMSmadesimple-File-Upload--XSS---File-Manager"
} }
] ]
} }

56
2023/43xxx/CVE-2023-43873.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43873",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43873",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/sromanhu/e107-CMS-Stored-XSS---Manage/blob/main/README.md",
"refsource": "MISC",
"name": "https://github.com/sromanhu/e107-CMS-Stored-XSS---Manage/blob/main/README.md"
} }
] ]
} }

56
2023/43xxx/CVE-2023-43874.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-43874",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-43874",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Tags Menu."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/sromanhu/e107-CMS-Stored-XSS---MetaCustomTags/blob/main/README.md",
"refsource": "MISC",
"name": "https://github.com/sromanhu/e107-CMS-Stored-XSS---MetaCustomTags/blob/main/README.md"
} }
] ]
} }

18
2023/44xxx/CVE-2023-44312.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-44312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/44xxx/CVE-2023-44313.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-44313",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/44xxx/CVE-2023-44314.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-44314",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/44xxx/CVE-2023-44315.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-44315",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

161
2023/5xxx/CVE-2023-5215.json
View File

@ -1,17 +1,170 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-5215", "ID": "CVE-2023-5215",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "secalert@redhat.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Handling of Unexpected Data Type",
"cweId": "CWE-241"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "libnbd",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "1.18.0",
"status": "unaffected"
}
]
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8 Advanced Virtualization",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5215",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-5215"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241041",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2241041"
},
{
"url": "https://listman.redhat.com/archives/libguestfs/2023-September/032635.html",
"refsource": "MISC",
"name": "https://listman.redhat.com/archives/libguestfs/2023-September/032635.html"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
} }
] ]
} }

18
2023/5xxx/CVE-2023-5254.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5254",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}