admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-06-13 19:00:44 +00:00
parent 6f86c784ea
commit 7885e87d0d
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
16 changed files with 519 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

129
2022/43xxx/CVE-2022-43684.json
View File

@ -1,17 +1,138 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43684",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@servicenow.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n * Quebec prior to Patch 10 Hot Fix 8b\n * Rome prior to Patch 10 Hot Fix 1\n * San Diego prior to Patch 7\n * Tokyo prior to Tokyo Patch 1; and \n * Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ServiceNow",
"product": {
"product_data": [
{
"product_name": "Now Platform",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "Quebec",
"version_value": "Patch 10 Hot Fix 8b"
},
{
"version_affected": "<",
"version_name": "Rome",
"version_value": "Patch 10 Hot Fix 1"
},
{
"version_affected": "<",
"version_name": "San Diego",
"version_value": "Patch 7"
},
{
"version_affected": "<",
"version_name": "Tokyo",
"version_value": "Tokyo Patch 1"
},
{
"version_affected": "<",
"version_name": "Utah",
"version_value": "Utah General Availability (GA)"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1303489",
"refsource": "MISC",
"name": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1303489"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Luke Symons"
},
{
"lang": "en",
"value": "Tony Wu"
},
{
"lang": "en",
"value": "Eldar Marcussen"
},
{
"lang": "en",
"value": "Gareth Phillips"
},
{
"lang": "en",
"value": "Jeff Thomas"
},
{
"lang": "en",
"value": "Nadeem Salim"
},
{
"lang": "en",
"value": "Stephen Bradshaw"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

56
2023/27xxx/CVE-2023-27836.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27836",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-27836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P%202",
"refsource": "MISC",
"name": "https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P%202"
}
]
}

4
2023/28xxx/CVE-2023-28598.json
View File

@ -31,11 +31,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Linux clients",
"product_name": "Zoom for Linux clients",
"version": {
"version_data": [
{

12
2023/28xxx/CVE-2023-28599.json
View File

@ -31,11 +31,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Android",
"product_name": "Zoom for Android",
"version": {
"version_data": [
{
@ -51,7 +51,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "5.13.10"
"version_value": "before 5.13.10"
}
]
}
@ -62,7 +62,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "5.13.10"
"version_value": "before 5.13.10"
}
]
}
@ -73,7 +73,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "5.13.10"
"version_value": "before 5.13.10"
}
]
}
@ -84,7 +84,7 @@
"version_data": [
{
"version_affected": "=",
"version_value": "5.13.10"
"version_value": "before 5.13.10"
}
]
}

4
2023/28xxx/CVE-2023-28600.json
View File

@ -32,11 +32,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for macOS",
"product_name": "Zoom for macOS Client",
"version": {
"version_data": [
{

4
2023/28xxx/CVE-2023-28601.json
View File

@ -32,11 +32,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Windows",
"product_name": "Zoom for Windows Client",
"version": {
"version_data": [
{

4
2023/28xxx/CVE-2023-28602.json
View File

@ -32,11 +32,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Windows",
"product_name": "Zoom for Windows Client",
"version": {
"version_data": [
{

6
2023/28xxx/CVE-2023-28603.json
View File

@ -32,16 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "VDI Windows Meeting Client",
"product_name": "Zoom VDI Windows Meeting Client",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.14.0"
"version_value": "before 5.14.0"
}
]
}

4
2023/34xxx/CVE-2023-34113.json
View File

@ -32,11 +32,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Windows",
"product_name": "Zoom for Windows Client",
"version": {
"version_data": [
{

89
2023/34xxx/CVE-2023-34114.json
View File

@ -1,17 +1,98 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34114",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@zoom.us",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Exposure of resource to wrong sphere in Zoom for Windows and Zoom for MacOS clients before 5.14.10 may allow an authenticated user to potentially enable information disclosure via network access. "
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-668 Exposure of Resource to Wrong Sphere",
"cweId": "CWE-668"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "Zoom for Windows Client",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 5.14.10"
}
]
}
},
{
"product_name": "Zoom for MacOS Client",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 5.14.10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"refsource": "MISC",
"name": "https://explore.zoom.us/en/trust/security/security-bulletin/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
}
]
}

78
2023/34xxx/CVE-2023-34115.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@zoom.us",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer copy without checking size of input in Zoom Meeting SDK before 5.13.0 may allow an authenticated user to potentially enable a denial of service via local access. This issue may result in the Zoom Meeting SDK to crash and need to be restarted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "Zoom Meeting SDK",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 5.13.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"refsource": "MISC",
"name": "https://explore.zoom.us/en/trust/security/security-bulletin/"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
]
}

14
2023/34xxx/CVE-2023-34120.json
View File

@ -32,38 +32,38 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Windows",
"product_name": "Zoom for Windows Client",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.14.0"
"version_value": "before 5.14.0"
}
]
}
},
{
"product_name": "Rooms client for Windows",
"product_name": "Zoom Rooms Client for Windows",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.14.0"
"version_value": "before 5.14.0"
}
]
}
},
{
"product_name": "VDI Windows Meeting",
"product_name": "Zoom VDI for Windows Meeting Clients",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.14.0"
"version_value": "before 5.14.0"
}
]
}

21
2023/34xxx/CVE-2023-34121.json
View File

@ -32,11 +32,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Windows",
"product_name": "Zoom for Windows",
"version": {
"version_data": [
{
@ -47,23 +47,30 @@
}
},
{
"product_name": "Rooms client for Windows",
"product_name": "Zoom Rooms Client for Windows",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.14.0"
"version_value": "before 5.14.0"
}
]
}
},
}
]
}
},
{
"vendor_name": "ZoomZoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "VDI for Windows",
"product_name": "Zoom VDI for Windows Meeting Clients",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.14.0"
"version_value": "before 5.14.0"
}
]
}

4
2023/34xxx/CVE-2023-34122.json
View File

@ -32,11 +32,11 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Zoom",
"vendor_name": "Zoom Video Communications, Inc.",
"product": {
"product_data": [
{
"product_name": "for Windows",
"product_name": "Zoom for Windows Client",
"version": {
"version_data": [
{

66
2023/34xxx/CVE-2023-34965.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34965",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-34965",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SSPanel-Uim 2023.3 does not restrict access to the /link/ interface which can lead to a leak of user information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Anankke/SSPanel-Uim",
"refsource": "MISC",
"name": "https://github.com/Anankke/SSPanel-Uim"
},
{
"url": "https://docs.google.com/document/d/1TbHYGW65o1HBZoDf0rUDQMHPJE6qfQAvqdFv1DYY4BU/edit?usp=sharing",
"refsource": "MISC",
"name": "https://docs.google.com/document/d/1TbHYGW65o1HBZoDf0rUDQMHPJE6qfQAvqdFv1DYY4BU/edit?usp=sharing"
},
{
"refsource": "MISC",
"name": "https://github.com/AgentY0/CVE-2023-34965",
"url": "https://github.com/AgentY0/CVE-2023-34965"
}
]
}

166
2023/3xxx/CVE-2023-3224.json
View File

@ -1,89 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2023-3224",
"STATE": "PUBLIC",
"TITLE": " Code Injection in nuxt/nuxt"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "nuxt/nuxt",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "3.5.3"
}
]
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2023-3224",
"STATE": "PUBLIC",
"TITLE": " Code Injection in nuxt/nuxt"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "nuxt/nuxt",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "3.5.3"
}
]
}
}
]
},
"vendor_name": "nuxt"
}
}
]
},
"vendor_name": "nuxt"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": " Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code"
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Code Injection in GitHub repository nuxt/nuxt prior to 3.5.3."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/1eb74fd8-0258-4c1f-a904-83b52e373a87",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/1eb74fd8-0258-4c1f-a904-83b52e373a87"
},
{
"name": "https://github.com/nuxt/nuxt/commit/65a8f4eb3ef1b249a95fd59e323835a96428baff",
"refsource": "MISC",
"url": "https://github.com/nuxt/nuxt/commit/65a8f4eb3ef1b249a95fd59e323835a96428baff"
}
]
},
"source": {
"advisory": "1eb74fd8-0258-4c1f-a904-83b52e373a87",
"discovery": "EXTERNAL"
}
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/1eb74fd8-0258-4c1f-a904-83b52e373a87",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/1eb74fd8-0258-4c1f-a904-83b52e373a87"
},
{
"name": "https://github.com/nuxt/nuxt/commit/65a8f4eb3ef1b249a95fd59e323835a96428baff",
"refsource": "MISC",
"url": "https://github.com/nuxt/nuxt/commit/65a8f4eb3ef1b249a95fd59e323835a96428baff"
}
]
},
"source": {
"advisory": "1eb74fd8-0258-4c1f-a904-83b52e373a87",
"discovery": "EXTERNAL"
}
}