admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-20 08:00:36 +00:00
parent d915ec83e3
commit 6cf0b304d2
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
5 changed files with 761 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/43xxx/CVE-2021-43113.json
View File

@ -66,6 +66,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230118 [SECURITY] [DLA 3273-1] libitext5-java security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00013.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-5323",
"url": "https://www.debian.org/security/2023/dsa-5323"
}
]
}

613
2022/40xxx/CVE-2022-40267.json
View File

@ -1,17 +1,622 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-40267",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Predictable Seed in Pseudo-Random Number Generator (PRNG) vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5U-xMy/z (x=32,64,80, y=T,R, z=ES,DS,ESS,DSS) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 17X**** or later, and versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-xMy/z (x=32,64,96, y=T, z=D,DSS)) with serial number 179**** and prior, and versions 1.074 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MT/DSS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-F Series FX5UC-32MR/DS-TS versions 1.280 and prior, Mitsubishi Electric Corporation MELSEC iQ-R Series R00/01/02CPU all versions, Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120(EN)CPU all versions allows a remote unauthenticated attacker to access the Web server function by guessing the random numbers used for authentication from several used random numbers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-337 Predictable Seed in Pseudo-Random Number Generator (PRNG) ",
"cweId": "CWE-337"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mitsubishi Electric Corporation",
"product": {
"product_data": [
{
"product_name": "MELSEC iQ-F Series FX5U-32MT/ES",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-64MT/ES",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Seres FX5U-80MT/ES",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-32MR/ES",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-64MR/ES",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-80MR/ES",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-32MT/DS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-64MT/DS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-80MT/DS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-32MR/DS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-64MR/DS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-80MR/DS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-32MT/ESS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-64MT/ESS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-80MT/ESS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-32MT/DSS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-64MT/DSS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5U-80MT/DSS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-32MT/D",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-64MT/D",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-96MT/D",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-32MT/DSS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-64MT/DSS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-96MT/DSS",
"version": {
"version_data": [
{
"version_value": "serial number 17X**** or later, and versions 1.280 and prior",
"version_affected": "="
},
{
"version_value": "serial number 179**** and prior, and versions 1.074 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-32MT/DS-TS",
"version": {
"version_data": [
{
"version_value": "versions 1.280 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-32MT/DSS-TS",
"version": {
"version_data": [
{
"version_value": "versions 1.280 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-F Series FX5UC-32MR/DS-TS",
"version": {
"version_data": [
{
"version_value": "versions 1.280 and prior",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R00CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R01CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R02CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R04CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R08CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R16CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R32CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R120CPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R04ENCPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R08ENCPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R16ENCPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R32ENCPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
},
{
"product_name": "MELSEC iQ-R Series R120ENCPU",
"version": {
"version_data": [
{
"version_value": "all versions",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf",
"refsource": "MISC",
"name": "https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-019_en.pdf"
},
{
"url": "https://jvn.jp/vu/JVNVU99673580/index.html",
"refsource": "MISC",
"name": "https://jvn.jp/vu/JVNVU99673580/index.html"
},
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02",
"refsource": "MISC",
"name": "https://www.cisa.gov/uscert/ics/advisories/icsa-23-017-02"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
]
}

18
2022/4xxx/CVE-2022-4893.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-4893",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

61
2023/23xxx/CVE-2023-23596.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23596",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-23596",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection. When creating an access list, the backend builds an htpasswd file with crafted username and/or password input that is concatenated without any validation, and is directly passed to the exec command, potentially allowing an authenticated attacker to execute arbitrary commands on the system. NOTE: this is not part of any NGINX software shipped by F5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advisory.dw1.io/57",
"refsource": "MISC",
"name": "https://advisory.dw1.io/57"
},
{
"url": "https://github.com/NginxProxyManager/nginx-proxy-manager/blob/4f10d129c20cc82494b95cc94b97f859dbd4b54d/backend/internal/access-list.js#L510",
"refsource": "MISC",
"name": "https://github.com/NginxProxyManager/nginx-proxy-manager/blob/4f10d129c20cc82494b95cc94b97f859dbd4b54d/backend/internal/access-list.js#L510"
}
]
}

78
2023/23xxx/CVE-2023-23691.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-23691",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@dell.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a Client-side desync Vulnerability. An unauthenticated attacker could potentially exploit this vulnerability to force a victim's browser to desynchronize its connection with the website, typically leading to XSS and DoS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')",
"cweId": "CWE-444"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Dell",
"product": {
"product_data": [
{
"product_name": "Dell PowerVault ME5",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000207533/dsa-2023-018-dell-emc-powervault-me5-security-update-for-a-client-desync-attack-vulnerability",
"refsource": "MISC",
"name": "https://www.dell.com/support/kbdoc/en-us/000207533/dsa-2023-018-dell-emc-powervault-me5-security-update-for-a-client-desync-attack-vulnerability"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}