admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-04-24 18:00:39 +00:00
parent 4d2d83898a
commit 74b09bedf3
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
15 changed files with 696 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2012/10xxx/CVE-2012-10013.json
View File

@ -1,17 +1,114 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2012-10013", "ID": "CVE-2012-10013",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cna@vuldb.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability was found in Kau-Boy Backend Localization Plugin up to 1.6.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the file backend_localization.php. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 2.0 is able to address this issue. The name of the patch is 43dc96defd7944da12ff116476a6890acd7dd24b. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-227231."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in Kau-Boy Backend Localization Plugin bis 1.6.1 f\u00fcr WordPress ausgemacht. Sie wurde als problematisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei backend_localization.php. Durch Manipulation mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Ein Aktualisieren auf die Version 2.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 43dc96defd7944da12ff116476a6890acd7dd24b bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Kau-Boy",
"product": {
"product_data": [
{
"product_name": "Backend Localization Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.6.0"
},
{
"version_affected": "=",
"version_value": "1.6.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.227231",
"refsource": "MISC",
"name": "https://vuldb.com/?id.227231"
},
{
"url": "https://vuldb.com/?ctiid.227231",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.227231"
},
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/commit/43dc96defd7944da12ff116476a6890acd7dd24b",
"refsource": "MISC",
"name": "https://github.com/wp-plugins/kau-boys-backend-localization/commit/43dc96defd7944da12ff116476a6890acd7dd24b"
},
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/releases/tag/2.0",
"refsource": "MISC",
"name": "https://github.com/wp-plugins/kau-boys-backend-localization/releases/tag/2.0"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
} }
] ]
} }

101
2012/10xxx/CVE-2012-10014.json
View File

@ -1,17 +1,110 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2012-10014", "ID": "CVE-2012-10014",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cna@vuldb.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A vulnerability classified as problematic has been found in Kau-Boy Backend Localization Plugin 2.0 on WordPress. Affected is the function backend_localization_admin_settings/backend_localization_save_setting/backend_localization_login_form/localize_backend of the file backend_localization.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 36f457ee16dd114e510fd91a3ea9fbb3c1f87184. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227232."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in Kau-Boy Backend Localization Plugin 2.0 f\u00fcr WordPress entdeckt. Es geht dabei um die Funktion backend_localization_admin_settings/backend_localization_save_setting/backend_localization_login_form/localize_backend der Datei backend_localization.php. Mittels dem Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Ein Aktualisieren auf die Version 2.0.1 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 36f457ee16dd114e510fd91a3ea9fbb3c1f87184 bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Kau-Boy",
"product": {
"product_data": [
{
"product_name": "Backend Localization Plugin",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.227232",
"refsource": "MISC",
"name": "https://vuldb.com/?id.227232"
},
{
"url": "https://vuldb.com/?ctiid.227232",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.227232"
},
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/commit/36f457ee16dd114e510fd91a3ea9fbb3c1f87184",
"refsource": "MISC",
"name": "https://github.com/wp-plugins/kau-boys-backend-localization/commit/36f457ee16dd114e510fd91a3ea9fbb3c1f87184"
},
{
"url": "https://github.com/wp-plugins/kau-boys-backend-localization/releases/tag/2.0.1",
"refsource": "MISC",
"name": "https://github.com/wp-plugins/kau-boys-backend-localization/releases/tag/2.0.1"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
} }
] ]
} }

25
2023/22xxx/CVE-2023-22918.json
View File

@ -3,8 +3,9 @@
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "PSIRT@zyxel.com.tw", "ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2023-22918" "ID": "CVE-2023-22918",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -13,7 +14,7 @@
"vendor_name": "Zyxel", "vendor_name": "Zyxel",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "ATP series firmware", "product_name": "ATP series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -23,7 +24,7 @@
] ]
} }
}, },
{ {
"product_name": "USG FLEX series firmware", "product_name": "USG FLEX series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -33,7 +34,7 @@
] ]
} }
}, },
{ {
"product_name": "USG FLEX 50(W) firmware", "product_name": "USG FLEX 50(W) firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -43,7 +44,7 @@
] ]
} }
}, },
{ {
"product_name": "USG20(W)-VPN firmware", "product_name": "USG20(W)-VPN firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -53,7 +54,7 @@
] ]
} }
}, },
{ {
"product_name": "VPN series firmware", "product_name": "VPN series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -63,7 +64,7 @@
] ]
} }
}, },
{ {
"product_name": "NWA110AX firmware", "product_name": "NWA110AX firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -73,7 +74,7 @@
] ]
} }
}, },
{ {
"product_name": "WAC500 firmware", "product_name": "WAC500 firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -83,7 +84,7 @@
] ]
} }
}, },
{ {
"product_name": "WAX510D firmware", "product_name": "WAX510D firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -93,7 +94,7 @@
] ]
} }
} }
] ]
} }
} }
] ]
@ -135,4 +136,4 @@
} }
] ]
} }
} }

75
2023/26xxx/CVE-2023-26059.json
View File

@ -1,18 +1,81 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-26059",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-26059",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Nokia NetAct before 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demilitarised zone behind a perimeter firewall and without exposure to the internet. The attack can only be performed by an internal user."
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://nokia.com",
"refsource": "MISC",
"name": "https://nokia.com"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2022-03/",
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2022-03/"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:L/S:C/UI:R",
"version": "3.1"
}
} }
} }

75
2023/26xxx/CVE-2023-26097.json
View File

@ -1,18 +1,81 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-26097",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-26097",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify the application behaviour may not be blocked."
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.telindus.lu/fr/produits/apsal",
"refsource": "MISC",
"name": "https://www.telindus.lu/fr/produits/apsal"
},
{
"url": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-26097",
"refsource": "MISC",
"name": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-26097"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:N/S:U/UI:N",
"version": "3.1"
}
} }
} }

75
2023/26xxx/CVE-2023-26099.json
View File

@ -1,18 +1,81 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-26099",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-26099",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "An issue was discovered in Telindus Apsal 3.14.2022.235 b. The consultation permission is insecure."
} }
] ]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.telindus.lu/fr/produits/apsal",
"refsource": "MISC",
"name": "https://www.telindus.lu/fr/produits/apsal"
},
{
"url": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-26099",
"refsource": "MISC",
"name": "https://excellium-services.com/cert-xlm-advisory/CVE-2023-26099"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AC:L/AV:L/A:N/C:L/I:L/PR:L/S:U/UI:N",
"version": "3.1"
}
} }
} }

61
2023/26xxx/CVE-2023-26865.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-26865",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-26865",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "SQL injection vulnerability found in PrestaShop bdroppy v.2.2.12 and before allowing a remote attacker to gain privileges via the BdroppyCronModuleFrontController::importProducts component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bdroppy.com/dropshipping-apps-integrations-bdroppy/",
"refsource": "MISC",
"name": "https://bdroppy.com/dropshipping-apps-integrations-bdroppy/"
},
{
"refsource": "MISC",
"name": "https://friends-of-presta.github.io/security-advisories/modules/2023/04/20/bdroppy.html",
"url": "https://friends-of-presta.github.io/security-advisories/modules/2023/04/20/bdroppy.html"
} }
] ]
} }

5
2023/27xxx/CVE-2023-27524.json
View File

@ -59,6 +59,11 @@
"url": "https://lists.apache.org/thread/n0ftx60sllf527j7g11kmt24wvof8xyk", "url": "https://lists.apache.org/thread/n0ftx60sllf527j7g11kmt24wvof8xyk",
"refsource": "MISC", "refsource": "MISC",
"name": "https://lists.apache.org/thread/n0ftx60sllf527j7g11kmt24wvof8xyk" "name": "https://lists.apache.org/thread/n0ftx60sllf527j7g11kmt24wvof8xyk"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/24/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/04/24/2"
} }
] ]
}, },

61
2023/27xxx/CVE-2023-27848.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-27848",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-27848",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "broccoli-compass v0.2.4 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.npmjs.com/package/broccoli-compass",
"refsource": "MISC",
"name": "https://www.npmjs.com/package/broccoli-compass"
},
{
"refsource": "MISC",
"name": "https://github.com/omnitaint/Vulnerability-Reports/blob/9d65add2bca71ed6d6b2e281ee6790a12504ff8e/reports/broccoli-compass/report.md",
"url": "https://github.com/omnitaint/Vulnerability-Reports/blob/9d65add2bca71ed6d6b2e281ee6790a12504ff8e/reports/broccoli-compass/report.md"
} }
] ]
} }

61
2023/27xxx/CVE-2023-27849.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-27849",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-27849",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.npmjs.com/package/rails-routes-to-json",
"refsource": "MISC",
"name": "https://www.npmjs.com/package/rails-routes-to-json"
},
{
"refsource": "MISC",
"name": "https://github.com/omnitaint/Vulnerability-Reports/blob/2211ea4712f24d20b7f223fb737910fdfb041edb/reports/rails-routes-to-json/report.md",
"url": "https://github.com/omnitaint/Vulnerability-Reports/blob/2211ea4712f24d20b7f223fb737910fdfb041edb/reports/rails-routes-to-json/report.md"
} }
] ]
} }

19
2023/27xxx/CVE-2023-27990.json
View File

@ -3,8 +3,9 @@
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "PSIRT@zyxel.com.tw", "ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2023-27990" "ID": "CVE-2023-27990",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -13,7 +14,7 @@
"vendor_name": "Zyxel", "vendor_name": "Zyxel",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "ATP series firmware", "product_name": "ATP series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -23,7 +24,7 @@
] ]
} }
}, },
{ {
"product_name": "USG FLEX series firmware", "product_name": "USG FLEX series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -33,7 +34,7 @@
] ]
} }
}, },
{ {
"product_name": "USG FLEX 50(W) firmware", "product_name": "USG FLEX 50(W) firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -43,7 +44,7 @@
] ]
} }
}, },
{ {
"product_name": "USG20(W)-VPN firmware", "product_name": "USG20(W)-VPN firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -53,7 +54,7 @@
] ]
} }
}, },
{ {
"product_name": "VPN series firmware", "product_name": "VPN series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -63,7 +64,7 @@
] ]
} }
} }
] ]
} }
} }
] ]
@ -105,4 +106,4 @@
} }
] ]
} }
} }

19
2023/27xxx/CVE-2023-27991.json
View File

@ -3,8 +3,9 @@
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "PSIRT@zyxel.com.tw", "ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2023-27991" "ID": "CVE-2023-27991",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
@ -13,7 +14,7 @@
"vendor_name": "Zyxel", "vendor_name": "Zyxel",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "ATP series firmware", "product_name": "ATP series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -23,7 +24,7 @@
] ]
} }
}, },
{ {
"product_name": "USG FLEX series firmware", "product_name": "USG FLEX series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -33,7 +34,7 @@
] ]
} }
}, },
{ {
"product_name": "USG FLEX 50(W) firmware", "product_name": "USG FLEX 50(W) firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -43,7 +44,7 @@
] ]
} }
}, },
{ {
"product_name": "USG20(W)-VPN firmware", "product_name": "USG20(W)-VPN firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -53,7 +54,7 @@
] ]
} }
}, },
{ {
"product_name": "VPN series firmware", "product_name": "VPN series firmware",
"version": { "version": {
"version_data": [ "version_data": [
@ -63,7 +64,7 @@
] ]
} }
} }
] ]
} }
} }
] ]
@ -105,4 +106,4 @@
} }
] ]
} }
} }

71
2023/29xxx/CVE-2023-29566.json
View File

@ -1,17 +1,76 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2023-29566",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2023-29566",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "huedawn-tesseract 0.3.3 and dawnsparks-node-tesseract 0.4.0 to 0.4.1 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.npmjs.com/package/dawnsparks-node-tesseract",
"refsource": "MISC",
"name": "https://www.npmjs.com/package/dawnsparks-node-tesseract"
},
{
"url": "https://github.com/rona-dinihari/dawnsparks-node-tesseract",
"refsource": "MISC",
"name": "https://github.com/rona-dinihari/dawnsparks-node-tesseract"
},
{
"url": "https://github.com/rona-dinihari/dawnsparks-node-tesseract/commit/81d1664f0b9fe521534acfae1d5b9c40127b36c1",
"refsource": "MISC",
"name": "https://github.com/rona-dinihari/dawnsparks-node-tesseract/commit/81d1664f0b9fe521534acfae1d5b9c40127b36c1"
},
{
"refsource": "MISC",
"name": "https://github.com/omnitaint/Vulnerability-Reports/blob/ec3645003c7f8996459b5b24c722474adc2d599f/reports/dawnsparks-node-tesseract/report.md",
"url": "https://github.com/omnitaint/Vulnerability-Reports/blob/ec3645003c7f8996459b5b24c722474adc2d599f/reports/dawnsparks-node-tesseract/report.md"
} }
] ]
} }

5
2023/30xxx/CVE-2023-30776.json
View File

@ -59,6 +59,11 @@
"url": "https://lists.apache.org/thread/s9w9w10mt2sngk3solwnmq5k7md53tsz", "url": "https://lists.apache.org/thread/s9w9w10mt2sngk3solwnmq5k7md53tsz",
"refsource": "MISC", "refsource": "MISC",
"name": "https://lists.apache.org/thread/s9w9w10mt2sngk3solwnmq5k7md53tsz" "name": "https://lists.apache.org/thread/s9w9w10mt2sngk3solwnmq5k7md53tsz"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/24/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2023/04/24/3"
} }
] ]
}, },

18
2023/31xxx/CVE-2023-31122.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-31122",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}