From 70837799665f6f810e0aad561f55df45a6d5c7af Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 7 Sep 2023 03:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/34xxx/CVE-2022-34300.json | 5 ++ 2022/41xxx/CVE-2022-41717.json | 5 ++ 2023/33xxx/CVE-2023-33551.json | 5 ++ 2023/33xxx/CVE-2023-33552.json | 5 ++ 2023/34xxx/CVE-2023-34357.json | 96 ++++++++++++++++++++++++++++++++-- 2023/35xxx/CVE-2023-35125.json | 18 +++++++ 2023/35xxx/CVE-2023-35771.json | 18 +++++++ 2023/38xxx/CVE-2023-38656.json | 18 +++++++ 2023/39xxx/CVE-2023-39449.json | 18 +++++++ 2023/39xxx/CVE-2023-39932.json | 18 +++++++ 2023/40xxx/CVE-2023-40154.json | 18 +++++++ 2023/40xxx/CVE-2023-40305.json | 5 ++ 2023/40xxx/CVE-2023-40746.json | 18 +++++++ 2023/41xxx/CVE-2023-41092.json | 18 +++++++ 2023/41xxx/CVE-2023-41252.json | 18 +++++++ 2023/41xxx/CVE-2023-41833.json | 18 +++++++ 2023/4xxx/CVE-2023-4733.json | 5 ++ 2023/4xxx/CVE-2023-4750.json | 5 ++ 2023/4xxx/CVE-2023-4752.json | 5 ++ 19 files changed, 312 insertions(+), 4 deletions(-) create mode 100644 2023/35xxx/CVE-2023-35125.json create mode 100644 2023/35xxx/CVE-2023-35771.json create mode 100644 2023/38xxx/CVE-2023-38656.json create mode 100644 2023/39xxx/CVE-2023-39449.json create mode 100644 2023/39xxx/CVE-2023-39932.json create mode 100644 2023/40xxx/CVE-2023-40154.json create mode 100644 2023/40xxx/CVE-2023-40746.json create mode 100644 2023/41xxx/CVE-2023-41092.json create mode 100644 2023/41xxx/CVE-2023-41252.json create mode 100644 2023/41xxx/CVE-2023-41833.json diff --git a/2022/34xxx/CVE-2022-34300.json b/2022/34xxx/CVE-2022-34300.json index 209c087ea73..b61d9379e7d 100644 --- a/2022/34xxx/CVE-2022-34300.json +++ b/2022/34xxx/CVE-2022-34300.json @@ -56,6 +56,11 @@ "url": "https://github.com/syoyo/tinyexr/issues/167", "refsource": "MISC", "name": "https://github.com/syoyo/tinyexr/issues/167" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2023-3e092b3938", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQCZL36LTOHWCQ25R5WTRSD5QMM436Q6/" } ] } diff --git a/2022/41xxx/CVE-2022-41717.json b/2022/41xxx/CVE-2022-41717.json index 9fb8671c499..abe7ea50927 100644 --- a/2022/41xxx/CVE-2022-41717.json +++ b/2022/41xxx/CVE-2022-41717.json @@ -127,6 +127,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q52IQI754YAE4XPR4QBRWPIVZWYGZ4FS/" } ] }, diff --git a/2023/33xxx/CVE-2023-33551.json b/2023/33xxx/CVE-2023-33551.json index 3887c98915a..127fe96e138 100644 --- a/2023/33xxx/CVE-2023-33551.json +++ b/2023/33xxx/CVE-2023-33551.json @@ -56,6 +56,11 @@ "url": "https://github.com/lometsj/blog_repo/issues/2", "refsource": "MISC", "name": "https://github.com/lometsj/blog_repo/issues/2" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2023-f838326992", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHOIRL6XH5NYR3LYI3KP5DE4SDSQWR7W/" } ] } diff --git a/2023/33xxx/CVE-2023-33552.json b/2023/33xxx/CVE-2023-33552.json index 18210faae5a..f9959e02e84 100644 --- a/2023/33xxx/CVE-2023-33552.json +++ b/2023/33xxx/CVE-2023-33552.json @@ -56,6 +56,11 @@ "url": "https://github.com/lometsj/blog_repo/issues/1", "refsource": "MISC", "name": "https://github.com/lometsj/blog_repo/issues/1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2023-f838326992", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHOIRL6XH5NYR3LYI3KP5DE4SDSQWR7W/" } ] } diff --git a/2023/34xxx/CVE-2023-34357.json b/2023/34xxx/CVE-2023-34357.json index 23b8b1310bd..e507737618d 100644 --- a/2023/34xxx/CVE-2023-34357.json +++ b/2023/34xxx/CVE-2023-34357.json @@ -1,17 +1,105 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-34357", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@cert.org.tw", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\nSoar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account.\n\n\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password", + "cweId": "CWE-640" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Soar Cloud Ltd. ", + "product": { + "product_data": [ + { + "product_name": "HR Portal", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.3.2023.0510" + }, + { + "version_affected": "=", + "version_value": "7.3.2023.0705" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.twcert.org.tw/tw/cp-132-7347-2653e-1.html", + "refsource": "MISC", + "name": "https://www.twcert.org.tw/tw/cp-132-7347-2653e-1.html" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "TVN-202309001", + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "\n\nUpdate to 7.3.2023.0705\n\n
" + } + ], + "value": "\nUpdate to\u00a07.3.2023.0705\n\n\n" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2023/35xxx/CVE-2023-35125.json b/2023/35xxx/CVE-2023-35125.json new file mode 100644 index 00000000000..2a8f8b8296b --- /dev/null +++ b/2023/35xxx/CVE-2023-35125.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35125", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/35xxx/CVE-2023-35771.json b/2023/35xxx/CVE-2023-35771.json new file mode 100644 index 00000000000..7e5ed9759ee --- /dev/null +++ b/2023/35xxx/CVE-2023-35771.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-35771", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/38xxx/CVE-2023-38656.json b/2023/38xxx/CVE-2023-38656.json new file mode 100644 index 00000000000..f3fd6239fba --- /dev/null +++ b/2023/38xxx/CVE-2023-38656.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-38656", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/39xxx/CVE-2023-39449.json b/2023/39xxx/CVE-2023-39449.json new file mode 100644 index 00000000000..39c1fe0012f --- /dev/null +++ b/2023/39xxx/CVE-2023-39449.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-39449", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/39xxx/CVE-2023-39932.json b/2023/39xxx/CVE-2023-39932.json new file mode 100644 index 00000000000..c28e9dd4344 --- /dev/null +++ b/2023/39xxx/CVE-2023-39932.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-39932", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/40xxx/CVE-2023-40154.json b/2023/40xxx/CVE-2023-40154.json new file mode 100644 index 00000000000..63a662f8b33 --- /dev/null +++ b/2023/40xxx/CVE-2023-40154.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-40154", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/40xxx/CVE-2023-40305.json b/2023/40xxx/CVE-2023-40305.json index c3fa571d45f..ff755d6920d 100644 --- a/2023/40xxx/CVE-2023-40305.json +++ b/2023/40xxx/CVE-2023-40305.json @@ -61,6 +61,11 @@ "url": "https://ftp.gnu.org/gnu/indent/", "refsource": "MISC", "name": "https://ftp.gnu.org/gnu/indent/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2023-b7f5059ee9", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3W6SL3NKMH5R4S5PD2O3MTC2UR4SBVHK/" } ] } diff --git a/2023/40xxx/CVE-2023-40746.json b/2023/40xxx/CVE-2023-40746.json new file mode 100644 index 00000000000..83101ec4db1 --- /dev/null +++ b/2023/40xxx/CVE-2023-40746.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-40746", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/41xxx/CVE-2023-41092.json b/2023/41xxx/CVE-2023-41092.json new file mode 100644 index 00000000000..27a303bfebc --- /dev/null +++ b/2023/41xxx/CVE-2023-41092.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-41092", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/41xxx/CVE-2023-41252.json b/2023/41xxx/CVE-2023-41252.json new file mode 100644 index 00000000000..ff13f0fd42c --- /dev/null +++ b/2023/41xxx/CVE-2023-41252.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-41252", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/41xxx/CVE-2023-41833.json b/2023/41xxx/CVE-2023-41833.json new file mode 100644 index 00000000000..ba5cf087f45 --- /dev/null +++ b/2023/41xxx/CVE-2023-41833.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-41833", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4733.json b/2023/4xxx/CVE-2023-4733.json index 158dcf4561c..0099eaf1f47 100644 --- a/2023/4xxx/CVE-2023-4733.json +++ b/2023/4xxx/CVE-2023-4733.json @@ -64,6 +64,11 @@ "url": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c", "refsource": "MISC", "name": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" } ] }, diff --git a/2023/4xxx/CVE-2023-4750.json b/2023/4xxx/CVE-2023-4750.json index 351a407f188..e3e56212398 100644 --- a/2023/4xxx/CVE-2023-4750.json +++ b/2023/4xxx/CVE-2023-4750.json @@ -64,6 +64,11 @@ "url": "https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed", "refsource": "MISC", "name": "https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" } ] }, diff --git a/2023/4xxx/CVE-2023-4752.json b/2023/4xxx/CVE-2023-4752.json index 163c9bd7195..3082509fe0b 100644 --- a/2023/4xxx/CVE-2023-4752.json +++ b/2023/4xxx/CVE-2023-4752.json @@ -64,6 +64,11 @@ "url": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139", "refsource": "MISC", "name": "https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/" } ] },