admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-05-03 02:00:36 +00:00
parent e2ea77b9ab
commit 6ed31158e9
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
19 changed files with 1291 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
2023/27xxx/CVE-2023-27322.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27322",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Parallels Service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-17751."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-665: Improper Initialization",
"cweId": "CWE-665"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "17.1.4 (51567)"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-216/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-216/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "Grisha Levit"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27323.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27323",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Updater Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. By creating a symbolic link, an attacker can abuse the service to execute a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-18150."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"cweId": "CWE-367"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-217/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-217/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "aegis"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27324.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27324",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-18229."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-665: Improper Initialization",
"cweId": "CWE-665"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-218/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-218/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "kn32"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27325.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27325",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-18253."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-665: Improper Initialization",
"cweId": "CWE-665"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-219/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-219/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "kn32"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27326.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27326",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Toolgate Directory Traversal Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18933."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-221/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-221/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "Alexandre Adamski of Impalabs"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 8.2,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27327.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27327",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition",
"cweId": "CWE-367"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "18.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-215/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-215/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "kn32"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27328.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27328",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Parallels Desktop Toolgate XML Injection Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability.\n\nThe specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied string before using it to construct an XML document. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-19187."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-91: XML Injection",
"cweId": "CWE-91"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Parallels",
"product": {
"product_data": [
{
"product_name": "Desktop",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "18.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-220/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-220/"
},
{
"url": "https://kb.parallels.com/125013",
"refsource": "MISC",
"name": "https://kb.parallels.com/125013"
}
]
},
"source": {
"lang": "en",
"value": "kn32"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27329.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27329",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19477."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Foxit",
"product": {
"product_data": [
{
"product_name": "PDF Reader",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.2.12465"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-227/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-227/"
},
{
"url": "https://www.foxit.com/support/security-bulletins.html",
"refsource": "MISC",
"name": "https://www.foxit.com/support/security-bulletins.html"
}
]
},
"source": {
"lang": "en",
"value": "Anonymous"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27330.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27330",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19476."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Foxit",
"product": {
"product_data": [
{
"product_name": "PDF Reader",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.2.12465"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-226/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-226/"
},
{
"url": "https://www.foxit.com/support/security-bulletins.html",
"refsource": "MISC",
"name": "https://www.foxit.com/support/security-bulletins.html"
}
]
},
"source": {
"lang": "en",
"value": "Anonymous"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27331.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27331",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19475."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Foxit",
"product": {
"product_data": [
{
"product_name": "PDF Reader",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.2.12465"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-225/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-225/"
},
{
"url": "https://www.foxit.com/support/security-bulletins.html",
"refsource": "MISC",
"name": "https://www.foxit.com/support/security-bulletins.html"
}
]
},
"source": {
"lang": "en",
"value": "Anonymous"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

68
2023/27xxx/CVE-2023-27332.json
View File

@ -1,17 +1,77 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27332",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TP-Link Archer AX21 tdpServer Logging Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the logging functionality of the tdpServer program, which listens on UDP port 20002. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19898."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TP-Link",
"product": {
"product_data": [
{
"product_name": "Archer AX21",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-245/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-245/"
}
]
},
"source": {
"lang": "en",
"value": "Reported by Xiaobye, working with DEVCORE Internship Program"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

68
2023/27xxx/CVE-2023-27333.json
View File

@ -1,17 +1,77 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27333",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TP-Link Archer AX21 tmpServer Command 0x422 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of command 0x422 provided to the tmpServer service. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19905."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TP-Link",
"product": {
"product_data": [
{
"product_name": "Archer AX21",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "R.47.0.0 AutoCAD 2021 & R.47.0.0 AutoCAD LT 2021"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-244/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-244/"
}
]
},
"source": {
"lang": "en",
"value": "Pumpkin, working with DEVCORE Internship Program"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
}
]
}

73
2023/27xxx/CVE-2023-27334.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27334",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Softing edgeConnector Siemens ConditionRefresh Resource Exhaustion Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC UA ConditionRefresh requests. By sending a large number of requests, an attacker can consume all available resources on the server. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20498."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Softing",
"product": {
"product_data": [
{
"product_name": "edgeConnector Siemens",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.40"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-1054/"
},
{
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html",
"refsource": "MISC",
"name": "https://industrial.softing.com/fileadmin/psirt/downloads/syt-2023-1.html"
}
]
},
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

68
2023/27xxx/CVE-2023-27335.json
View File

@ -1,17 +1,77 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27335",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Softing edgeAggregator Client Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softing edgeAggregator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the handling of the input parameters provided to the edgeAggregetor client. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20504."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Softing",
"product": {
"product_data": [
{
"product_name": "edgeAggregator",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.40"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1057/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-1057/"
}
]
},
"source": {
"lang": "en",
"value": "Claroty Research - Team82 - Uri Katz, Noam Moshe, Vera Mens, Sharon Brizinov"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

68
2023/27xxx/CVE-2023-27336.json
View File

@ -1,17 +1,77 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27336",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Softing edgeConnector Siemens OPC UA Server Null Pointer Dereference Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Softing edgeConnector Siemens. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of OPC client certificates. The issue results from dereferencing a NULL pointer. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20508."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476: NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Softing",
"product": {
"product_data": [
{
"product_name": "edgeConnector Siemens",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.40"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1065/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-1065/"
}
]
},
"source": {
"lang": "en",
"value": "Team ECQ"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27337.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27337",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18494."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PDF-XChange",
"product": {
"product_data": [
{
"product_name": "PDF-XChange Editor",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9.4.362.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-349/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-349/"
},
{
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history",
"refsource": "MISC",
"name": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
]
},
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/27xxx/CVE-2023-27338.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27338",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PDF-XChange Editor TIF File Parsing Use-After-Free Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of TIF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18612."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416: Use After Free",
"cweId": "CWE-416"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PDF-XChange",
"product": {
"product_data": [
{
"product_name": "PDF-XChange Editor",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9.4.363.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-350/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-350/"
},
{
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history",
"refsource": "MISC",
"name": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
]
},
"source": {
"lang": "en",
"value": "Anonymous"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"baseScore": 3.3,
"baseSeverity": "LOW"
}
]
}

73
2023/27xxx/CVE-2023-27339.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27339",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "PDF-XChange Editor PNG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PNG files. Crafted data in a PNG file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18663."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787: Out-of-bounds Write",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PDF-XChange",
"product": {
"product_data": [
{
"product_name": "PDF-XChange Editor",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "9.4.363.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-351/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-351/"
},
{
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history",
"refsource": "MISC",
"name": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
}
]
},
"source": {
"lang": "en",
"value": "Rocco Calvi (@TecR0c) with TecSecurity"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

73
2023/41xxx/CVE-2023-41222.json
View File

@ -1,17 +1,82 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41222",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "zdi-disclosures@trendmicro.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-3040 prog.cgi SetWan2Settings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability.\n\nThe specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user-supplied string before copying it to a fixed-size stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21622."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121: Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "D-Link",
"product": {
"product_data": [
{
"product_name": "DIR-3040",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "120B03"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1330/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-23-1330/"
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10350",
"refsource": "MISC",
"name": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10350"
}
]
},
"source": {
"lang": "en",
"value": "Peter Girnus, Nicholas Zubrisky"
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
}
]
}