admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-25 08:00:33 +00:00
parent eccf839e34
commit 88fb376d28
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 554 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2023/33xxx/CVE-2023-33757.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33757",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33757",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/twignet/splicecom",
"url": "https://github.com/twignet/splicecom"
}
]
}

56
2023/33xxx/CVE-2023-33758.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33758",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENT_NAME and DEVICE_GUID fields in the login component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/twignet/splicecom",
"url": "https://github.com/twignet/splicecom"
}
]
}

56
2023/33xxx/CVE-2023-33759.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33759",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/twignet/splicecom",
"url": "https://github.com/twignet/splicecom"
}
]
}

56
2023/33xxx/CVE-2023-33760.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33760",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/twignet/splicecom",
"url": "https://github.com/twignet/splicecom"
}
]
}

18
2023/39xxx/CVE-2023-39191.json
View File

@ -101,6 +101,19 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -185,6 +198,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:6583"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0381",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0381"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-39191",
"refsource": "MISC",

67
2023/3xxx/CVE-2023-3812.json
View File

@ -128,6 +128,44 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
@ -241,25 +279,6 @@
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -344,6 +363,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7554"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0340",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0340"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0378",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0378"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3812",
"refsource": "MISC",

170
2023/42xxx/CVE-2023-42753.json
View File

@ -60,6 +60,47 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.10.0-1160.108.1.rt56.1259.el7",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.10.0-1160.108.1.el7",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
@ -101,6 +142,32 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": {
@ -128,6 +195,31 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
@ -222,44 +314,6 @@
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -349,6 +403,36 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0134"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0340",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0340"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0346",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0346"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0347",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0347"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0371",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0371"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0376",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0376"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0378",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0378"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42753",
"refsource": "MISC",
@ -364,6 +448,11 @@
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
},
{
"url": "https://seclists.org/oss-sec/2023/q3/216",
"refsource": "MISC",
@ -373,11 +462,6 @@
"url": "https://www.openwall.com/lists/oss-security/2023/09/22/10",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2023/09/22/10"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html",
"refsource": "MISC",
"name": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html"
}
]
},

85
2023/5xxx/CVE-2023-5178.json
View File

@ -184,6 +184,57 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.0 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"version": {
@ -256,25 +307,6 @@
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
@ -349,6 +381,21 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:7559"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0340",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0340"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0378",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0378"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:0386",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:0386"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5178",
"refsource": "MISC",

99
2024/22xxx/CVE-2024-22099.json
View File

@ -1,17 +1,108 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-22099",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@openanolis.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-476 NULL Pointer Dereference",
"cweId": "CWE-476"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux kernel",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v2.6.12-rc2",
"version_value": "v6.8-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7956",
"refsource": "MISC",
"name": "https://bugzilla.openanolis.cn/show_bug.cgi?id=7956"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "Not yet",
"discovery": "INTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<a target=\"_blank\" rel=\"nofollow\" href=\"https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=6ec00b0737fe\">https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=6ec00b0737fe</a><br>"
}
],
"value": " https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=6ec00b0737fe https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/ \n"
}
],
"credits": [
{
"lang": "en",
"value": "Yuxuan-Hu <20373622@buaa.edu.cn>"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
]
}