admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-05-30 23:00:37 +00:00
parent 8c4f55e765
commit 893b336245
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
12 changed files with 707 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2022/39xxx/CVE-2022-39071.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39071",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ZTE Blade A52, ZTE Blade A51, ZTE Blade A3 Lite, ZTE Blade A5 2020, ZTE Blade L210, ZTE Blade A7s, ZTE Blade A31, ZTE Blade A31 Plus, ZTE Blade A5 (2019), ZTE Blade A71, ZTE Blade A72, ZTE Blade V20 Smart, ZTE Blade V30, ZTE Blade V30 Vita, ZTE V40 Pro, ZTE Blade V40 Vita, ZTE Axon 40 Ultra",
"version": {
"version_data": [
{
"version_value": "All versions up to Z6356T_M01, All versions up to Blade A51_M06, All versions up to Blade A30_M08, All versions up to Blade A5 2020-T_M04, All versions up to GEN_MY_L210_V1.13, All versions up to CLA_GT_A7020_V2.1, All versions up to Blade A31_M02, All versions up to P600_M03, All versions up to P650 Pro_M12, All versions up to GEN_EU_EEA_A7030_V2.3, All versions up to MyOS11.0.2_A7039_CLA_CO, All versions up to TEL_MX_ZTE_8010V1.13, All versions up to TEL_MX_ZTE_9030V1.10, All versions up to TEL_MX_ZTE_8030V1.10, All versions up to MyOS11.0.3_9045_TEL All versions up to MyOS11.0.1_8044_CLA_CO, All versions up to NON_EEA_P898F01V1.0.0B25"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could overwrite some system configuration files and user installers without user permission."
}
]
}

50
2022/39xxx/CVE-2022-39074.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39074",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ZTE Blade A52, ZTE Blade A51, ZTE Blade A3 Lite, ZTE Blade A5 2020, ZTE Blade L210, ZTE Blade A7s, ZTE Blade A31, ZTE Blade A31 Plus, ZTE Blade A5 (2019), ZTE Blade A71, ZTE Blade A72, ZTE Blade V20 Smart, ZTE Blade V30, ZTE Blade V30 Vita, ZTE V40 Pro, ZTE Blade V40 Vita, ZTE Axon 40 Ultra",
"version": {
"version_data": [
{
"version_value": "All versions up to Z6356T_M01, All versions up to Blade A51_M06, All versions up to Blade A30_M08, All versions up to Blade A5 2020-T_M04, All versions up to GEN_MY_L210_V1.13, All versions up to CLA_GT_A7020_V2.1, All versions up to Blade A31_M02, All versions up to P600_M03, All versions up to P650 Pro_M12, All versions up to GEN_EU_EEA_A7030_V2.3, All versions up to MyOS11.0.2_A7039_CLA_CO, All versions up to TEL_MX_ZTE_8010V1.13, All versions up to TEL_MX_ZTE_9030V1.10, All versions up to TEL_MX_ZTE_8030V1.10, All versions up to MyOS11.0.3_9045_TEL All versions up to MyOS11.0.1_8044_CLA_CO, All versions up to NON_EEA_P898F01V1.0.0B25"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could start a non-public interface of an application without user permission."
}
]
}

50
2022/39xxx/CVE-2022-39075.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-39075",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@zte.com.cn",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ZTE Blade A52, ZTE Blade A51, ZTE Blade A3 Lite, ZTE Blade A5 2020, ZTE Blade L210, ZTE Blade A7s, ZTE Blade A31, ZTE Blade A31 Plus, ZTE Blade A5 (2019), ZTE Blade A71, ZTE Blade A72, ZTE Blade V20 Smart, ZTE Blade V30, ZTE Blade V30 Vita, ZTE V40 Pro, ZTE Blade V40 Vita, ZTE Axon 40 Ultra",
"version": {
"version_data": [
{
"version_value": "All versions up to Z6356T_M01, All versions up to Blade A51_M06, All versions up to Blade A30_M08, All versions up to Blade A5 2020-T_M04, All versions up to GEN_MY_L210_V1.13, All versions up to CLA_GT_A7020_V2.1, All versions up to Blade A31_M02, All versions up to P600_M03, All versions up to P650 Pro_M12, All versions up to GEN_EU_EEA_A7030_V2.3, All versions up to MyOS11.0.2_A7039_CLA_CO, All versions up to TEL_MX_ZTE_8010V1.13, All versions up to TEL_MX_ZTE_9030V1.10, All versions up to TEL_MX_ZTE_8030V1.10, All versions up to MyOS11.0.3_9045_TEL All versions up to MyOS11.0.1_8044_CLA_CO, All versions up to NON_EEA_P898F01V1.0.0B25"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664",
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1030664"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is an unauthorized access vulnerability in some ZTE mobile phones. If a malicious application is installed on the phone, it could delete some system files without user permission."
}
]
}

72
2023/29xxx/CVE-2023-29726.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29726",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29726",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Call Blocker application 6.6.3 for Android incorrectly opens a key component that an attacker can use to inject large amounts of dirty data into the application's database. When the application starts, it loads the data from the database into memory. Once the attacker injects too much data, the application triggers an OOM error and crashes, resulting in a persistent denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://play.google.com/store/apps/details?id=com.cuiet.blockCalls",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.cuiet.blockCalls"
},
{
"url": "https://www.call-blocker.info/",
"refsource": "MISC",
"name": "https://www.call-blocker.info/"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29726/CVE%20detail.md"
}
]
}

72
2023/29xxx/CVE-2023-29727.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29727",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29727",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Call Blocker application 6.6.3 for Android allows unauthorized applications to use exposed components to delete data stored in its database that is related to user privacy settings and affects the implementation of the normal functionality of the application. An attacker can use this to cause an escalation of privilege attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://play.google.com/store/apps/details?id=com.cuiet.blockCalls",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.cuiet.blockCalls"
},
{
"url": "https://www.call-blocker.info/",
"refsource": "MISC",
"name": "https://www.call-blocker.info/"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29727/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29727/CVE%20detail.md"
}
]
}

72
2023/29xxx/CVE-2023-29728.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29728",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29728",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Call Blocker application 6.6.3 for Android allows attackers to tamper with feature-related data, resulting in a severe elevation of privilege attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://play.google.com/store/apps/details?id=com.cuiet.blockCalls",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.cuiet.blockCalls"
},
{
"url": "https://www.call-blocker.info/",
"refsource": "MISC",
"name": "https://www.call-blocker.info/"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29728/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29728/CVE%20detail.md"
}
]
}

77
2023/29xxx/CVE-2023-29738.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29738",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29738",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in Wave Animated Keyboard Emoji v.1.70.7 for Android allows a local attacker to cause code execution and escalation of Privileges via the database files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.wavekeyboard.com/",
"refsource": "MISC",
"name": "http://www.wavekeyboard.com/"
},
{
"url": "https://play.google.com/store/apps/details?id=com.wave.keyboard",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.wave.keyboard"
},
{
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid",
"url": "https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29738/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29738/CVE%20detail.md"
}
]
}

72
2023/29xxx/CVE-2023-29739.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29739",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29739",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in Alarm Clock for Heavy Sleepers v.5.3.2 for Android allows unauthorized apps to cause escalation of privilege attacks by manipulating the component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://amdroidapp.com/",
"refsource": "MISC",
"name": "http://amdroidapp.com/"
},
{
"url": "https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29739/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29739/CVE%20detail.md"
}
]
}

77
2023/29xxx/CVE-2023-29740.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29740",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29740",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in Alarm Clock for Heavy Sleepers v.5.3.2 for Android allows unauthorized apps to cause a denial of service attack by manipulating the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://amdroidapp.com/",
"refsource": "MISC",
"name": "http://amdroidapp.com/"
},
{
"url": "https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.amdroidalarmclock.amdroid"
},
{
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.icoolme.android.weather",
"url": "https://play.google.com/store/apps/details?id=com.icoolme.android.weather"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29740/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29740/CVE%20detail.md"
}
]
}

72
2023/29xxx/CVE-2023-29741.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29741",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29741",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause an escalation of privileges attack by manipulating the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.zmtqsh.com/",
"refsource": "MISC",
"name": "http://www.zmtqsh.com/"
},
{
"url": "https://play.google.com/store/apps/details?id=com.icoolme.android.weather",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.icoolme.android.weather"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29741/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29741/CVE%20detail.md"
}
]
}

72
2023/29xxx/CVE-2023-29743.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-29743",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-29743",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent denial of service attack by manipulating the database."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://www.zmtqsh.com/",
"refsource": "MISC",
"name": "http://www.zmtqsh.com/"
},
{
"url": "https://play.google.com/store/apps/details?id=com.icoolme.android.weather",
"refsource": "MISC",
"name": "https://play.google.com/store/apps/details?id=com.icoolme.android.weather"
},
{
"refsource": "MISC",
"name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29743/CVE%20detail.md",
"url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29743/CVE%20detail.md"
}
]
}

79
2023/2xxx/CVE-2023-2952.json
View File

@ -4,15 +4,88 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-2952",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@gitlab.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Wireshark Foundation",
"product": {
"product_data": [
{
"product_name": "Wireshark",
"version": {
"version_data": [
{
"version_value": ">=4.0.0, <4.0.6"
},
{
"version_value": ">=3.6.0, <3.6.14"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Loop with unreachable exit condition ('infinite loop') in Wireshark"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.wireshark.org/security/wnpa-sec-2023-20.html",
"url": "https://www.wireshark.org/security/wnpa-sec-2023-20.html",
"refsource": "MISC"
},
{
"name": "https://gitlab.com/wireshark/wireshark/-/issues/19100",
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19100",
"refsource": "MISC"
},
{
"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2952.json",
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2952.json",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file"
}
]
},
"impact": {
"cvss": {
"vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"version": "3.1",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
}
}
}