admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-12 21:00:38 +00:00
parent 990d3ab743
commit 84a7a20b4f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
5 changed files with 180 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/37xxx/CVE-2021-37501.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md",
"refsource": "MISC",
"name": "https://github.com/ST4RF4LL/Something_Found/blob/main/HDF5_v1.13.0_h5dump_heap_overflow.md"
},
{
"refsource": "MISC",
"name": "https://github.com/HDFGroup/hdf5/issues/2458",
"url": "https://github.com/HDFGroup/hdf5/issues/2458"
}
]
}

5
2023/26xxx/CVE-2023-26258.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup/",
"url": "https://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup/"
},
{
"refsource": "MISC",
"name": "https://support.arcserve.com/s/article/KB000015720?language=en_US",
"url": "https://support.arcserve.com/s/article/KB000015720?language=en_US"
}
]
}

66
2023/26xxx/CVE-2023-26563.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-26563",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-26563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Syncfusion EJ2 Node File Provider 0102271 is vulnerable to filesystem-server.js directory traversal. As a result, an unauthenticated attacker can: - On Windows, list files in any directory, read any file, delete any file, upload any file to any directory accessible by the web server. - On Linux, read any file, download any directory, delete any file, upload any file to any directory accessible by the web server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/SyncfusionExamples/ej2-filemanager-node-filesystem",
"refsource": "MISC",
"name": "https://github.com/SyncfusionExamples/ej2-filemanager-node-filesystem"
},
{
"url": "https://ej2.syncfusion.com/documentation/file-manager/file-system-provider/",
"refsource": "MISC",
"name": "https://ej2.syncfusion.com/documentation/file-manager/file-system-provider/"
},
{
"refsource": "MISC",
"name": "https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565/",
"url": "https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565/"
}
]
}

66
2023/26xxx/CVE-2023-26564.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-26564",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-26564",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Syncfusion EJ2 ASPCore File Provider 3ac357f is vulnerable to Models/PhysicalFileProvider.cs directory traversal. As a result, an unauthenticated attacker can list files within a directory, download any file, or upload any file to any directory accessible by the web server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ej2.syncfusion.com/documentation/file-manager/file-system-provider/",
"refsource": "MISC",
"name": "https://ej2.syncfusion.com/documentation/file-manager/file-system-provider/"
},
{
"url": "https://github.com/SyncfusionExamples/ej2-aspcore-file-provider",
"refsource": "MISC",
"name": "https://github.com/SyncfusionExamples/ej2-aspcore-file-provider"
},
{
"refsource": "MISC",
"name": "https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565/",
"url": "https://github.com/RupturaInfoSec/CVE-2023-26563-26564-26565/"
}
]
}

56
2023/33xxx/CVE-2023-33274.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33274",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled, regardless of the password used for the web interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://gist.github.com/pedromonteirobb/a0584095b46141702c8cae0f3f1b6759",
"url": "https://gist.github.com/pedromonteirobb/a0584095b46141702c8cae0f3f1b6759"
}
]
}