admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-23 19:00:32 +00:00
parent 856adc0367
commit 63d1e20d18
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
23 changed files with 243 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/10xxx/CVE-2019-10222.json
View File

@ -63,6 +63,11 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10222",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10222"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2020/10xxx/CVE-2020-10753.json
View File

@ -73,6 +73,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2020/12xxx/CVE-2020-12059.json
View File

@ -71,6 +71,11 @@
"refsource": "UBUNTU",
"name": "USN-4528-1",
"url": "https://usn.ubuntu.com/4528-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
}

5
2020/1xxx/CVE-2020-1700.json
View File

@ -61,6 +61,11 @@
"refsource": "UBUNTU",
"name": "USN-4304-1",
"url": "https://usn.ubuntu.com/4304-1/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2020/1xxx/CVE-2020-1760.json
View File

@ -79,6 +79,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2020/25xxx/CVE-2020-25678.json
View File

@ -73,6 +73,11 @@
"url": "https://security.gentoo.org/glsa/202105-39",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202105-39"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
}

5
2020/27xxx/CVE-2020-27781.json
View File

@ -58,6 +58,11 @@
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2021/20xxx/CVE-2021-20288.json
View File

@ -68,6 +68,11 @@
"refsource": "GENTOO",
"name": "GLSA-202105-39",
"url": "https://security.gentoo.org/glsa/202105-39"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

118
2021/2xxx/CVE-2021-2351.json
View File

@ -1,44 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2021-2351",
"ASSIGNER": "secalert_us@oracle.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebLogic Server",
"version": {
"version_data": [
{
"version_value": "12.2.1.3.0",
"version_affected": "="
},
{
"version_value": "12.2.1.4.0",
"version_affected": "="
},
{
"version_value": "14.1.1.0.0",
"version_affected": "="
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"description": {
"description_data": [
{
@ -47,13 +15,6 @@
}
]
},
"impact": {
"cvss": {
"baseScore": "8.3",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
@ -66,6 +27,38 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Oracle Corporation",
"product": {
"product_data": [
{
"product_name": "WebLogic Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.2.1.3.0"
},
{
"version_affected": "=",
"version_value": "12.2.1.4.0"
},
{
"version_affected": "=",
"version_value": "14.1.1.0.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
@ -79,14 +72,14 @@
"name": "https://www.oracle.com/security-alerts/cpuoct2021.html"
},
{
"refsource": "FULLDISC",
"name": "20211210 [SYSS-2021-061] Oracle Database - NNE Connection Hijacking",
"url": "http://seclists.org/fulldisclosure/2021/Dec/19"
"url": "http://seclists.org/fulldisclosure/2021/Dec/19",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2021/Dec/19"
},
{
"refsource": "FULLDISC",
"name": "20211210 [SYSS-2021-062] Oracle Database - Weak NNE Integrity Key Derivation",
"url": "http://seclists.org/fulldisclosure/2021/Dec/20"
"url": "http://seclists.org/fulldisclosure/2021/Dec/20",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2021/Dec/20"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html",
@ -94,14 +87,14 @@
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
},
{
"url": "http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html",
"url": "http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html"
"name": "http://packetstormsecurity.com/files/165258/Oracle-Database-Weak-NNE-Integrity-Key-Derivation.html"
},
{
"url": "http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html",
"url": "http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html"
"name": "http://packetstormsecurity.com/files/165255/Oracle-Database-Protection-Mechanism-Bypass.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
@ -112,6 +105,29 @@
"url": "https://www.oracle.com/security-alerts/cpujul2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujul2022.html"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2023.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2023.html"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

5
2021/3xxx/CVE-2021-3524.json
View File

@ -68,6 +68,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20210810 [SECURITY] [DLA 2735-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00013.html"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2021/3xxx/CVE-2021-3531.json
View File

@ -73,6 +73,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-1bf13db941",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZRUNDH2TJRZRWL3DCH2PQ6KROWTPQ7AJ/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20231023 [SECURITY] [DLA 3629-1] ceph security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
},

5
2021/3xxx/CVE-2021-3979.json
View File

@ -83,6 +83,11 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPOK44BESMIFW6BIOGCN452AKKOIIT6Q/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/10/msg00034.html"
}
]
}

3
2023/3xxx/CVE-2023-3794.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3795.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3796.json
View File

@ -93,8 +93,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3797.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3798.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3799.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3800.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 3.7,
"vectorString": "AV:A/AC:H/Au:M/C:P/I:P/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:H/Au:M/C:P/I:P/A:P"
}
]
}

8
2023/3xxx/CVE-2023-3801.json
View File

@ -77,11 +77,6 @@
"url": "https://github.com/Wkingxc/CVE/blob/master/ibos_OA_1.md",
"refsource": "MISC",
"name": "https://github.com/Wkingxc/CVE/blob/master/ibos_OA_1.md"
},
{
"url": "http://web.archive.org/web/20230722143348/https://github.com/funnn7/cve/blob/main/sql.md",
"refsource": "MISC",
"name": "http://web.archive.org/web/20230722143348/https://github.com/funnn7/cve/blob/main/sql.md"
}
]
},
@ -108,8 +103,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

82
2023/46xxx/CVE-2023-46288.json
View File

@ -1,18 +1,90 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46288",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow.This issue affects Apache Airflow from 2.4.0 to 2.7.0.\n\nSensitive configuration information has been exposed to authenticated users with the ability to read configuration via Airflow REST API for configuration even when the expose_config\u00a0option is set to non-sensitive-only. The expose_config option is False by default. It is recommended to upgrade to a version that is not affected if you set expose_config\u00a0to non-sensitive-only\u00a0configuration. This is a different error than CVE-2023-45348\u00a0which allows authenticated user to retrieve individual configuration values in 2.7.* by specially crafting their request (solved in 2.7.2).\n\nUsers are recommended to upgrade to version 2.7.2, which fixes the issue and additionally fixes\u00a0CVE-2023-45348.\n\n"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache Airflow",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.4.0",
"version_value": "2.7.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/apache/airflow/pull/32261",
"refsource": "MISC",
"name": "https://github.com/apache/airflow/pull/32261"
},
{
"url": "https://lists.apache.org/thread/yw4vzm0c5lqkwm0bxv6qy03yfd1od4nw",
"refsource": "MISC",
"name": "https://lists.apache.org/thread/yw4vzm0c5lqkwm0bxv6qy03yfd1od4nw"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "id_No2015429 of 3H Secruity Team"
},
{
"lang": "en",
"value": "Lee, Wei"
},
{
"lang": "en",
"value": "Lee, Wei"
}
]
}

18
2023/5xxx/CVE-2023-5737.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5737",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/5xxx/CVE-2023-5738.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5738",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}