admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-23 13:00:33 +00:00
parent 02bee9df14
commit 8dc33ab606
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
27 changed files with 420 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2013/4xxx/CVE-2013-4584.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4584",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Perdition",
"product": {
"product_data": [
{
"product_name": "Perdition",
"version": {
"version_data": [
{
"version_value": "before 2.2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,6 +27,30 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Perdition",
"product": {
"product_data": [
{
"product_name": "Perdition",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 2.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
@ -63,19 +64,24 @@
"name": "https://access.redhat.com/security/cve/cve-2013-4584"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89184",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89184",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89184"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89184"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/11/15/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/11/15/6",
"url": "http://www.openwall.com/lists/oss-security/2013/11/15/6"
"name": "http://www.openwall.com/lists/oss-security/2013/11/15/6"
},
{
"url": "http://www.securityfocus.com/bid/63696",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63696",
"url": "http://www.securityfocus.com/bid/63696"
"name": "http://www.securityfocus.com/bid/63696"
},
{
"url": "https://github.com/horms/perdition/commit/62a0ce94aeb7dd99155882956ce9e327ab914ddf",
"refsource": "MISC",
"name": "https://github.com/horms/perdition/commit/62a0ce94aeb7dd99155882956ce9e327ab914ddf"
}
]
}

3
2023/3xxx/CVE-2023-3097.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3098.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 3.2,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3099.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 3.2,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3100.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3119.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3120.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3121.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 2.7,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3143.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3144.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3145.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3146.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3147.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3148.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3149.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3150.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3151.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3152.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3163.json
View File

@ -126,8 +126,7 @@
{
"version": "2.0",
"baseScore": 2.7,
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P",
"baseSeverity": "LOW"
"vectorString": "AV:A/AC:L/Au:S/C:N/I:N/A:P"
}
]
}

3
2023/3xxx/CVE-2023-3165.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

3
2023/3xxx/CVE-2023-3176.json
View File

@ -98,8 +98,7 @@
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

17
2023/4xxx/CVE-2023-4157.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper Input Validation in GitHub repository omeka/omeka-s prior to 4.0.3."
"value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.\n"
}
]
},
@ -21,8 +21,8 @@
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
"value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')",
"cweId": "CWE-74"
}
]
}
@ -67,6 +67,9 @@
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "abc3521b-1238-4c4e-97f1-2957db670014",
"discovery": "EXTERNAL"
@ -74,18 +77,18 @@
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N",
"version": "3.1"
}
]
}

4
2023/5xxx/CVE-2023-5212.json
View File

@ -42,6 +42,10 @@
"version_affected": "<=",
"version_name": "*",
"version_value": "4.8.9"
},
{
"version_affected": "=",
"version_value": "4.9.2"
}
]
}

6
2023/5xxx/CVE-2023-5241.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append \"<?php\" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php."
"value": "The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append \"<?php\" to any existing file on the server resulting in potential DoS when appended to critical files such as wp-config.php."
}
]
},
@ -42,6 +42,10 @@
"version_affected": "<=",
"version_name": "*",
"version_value": "4.8.9"
},
{
"version_affected": "=",
"version_value": "4.9.1"
}
]
}

336
2023/5xxx/CVE-2023-5246.json
View File

@ -1,17 +1,345 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5246",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@sick.de",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073, 1127717, 1130282, 1044074, 1121597, 1099832, 1051432, 1127487, 1069070, 1112296, 1044072, 1121596, 1099830 allows an unauthenticated remote attacker to potentially impact the availabilty, integrity and confidentaility of the gateways via an authentication bypass by capture-replay."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass by Capture-replay"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SICK AG",
"product": {
"product_data": [
{
"product_name": "FX0-GMOD00000",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GMOD00010",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GMOD00030",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GPNT00000",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GPNT00010",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GPNT00030",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GETC00000",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GETC00010",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX3-GEPR00000",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX3-GEPR00010",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GENT00000",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GENT00010",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "FX0-GENT00030",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "affected",
"version": "vers:all/*"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sick.com/psirt",
"refsource": "MISC",
"name": "https://sick.com/psirt"
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf",
"refsource": "MISC",
"name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.pdf"
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json",
"refsource": "MISC",
"name": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0011.json"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"supportingMedia": [
{
"base64": true,
"type": "text/html",
"value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"
}
],
"value": "Please make sure that you apply general security practices when operating the SICK Flexi Soft Gateways. The following General Security Practices and Operating Guidelines could mitigate the associated security risk.\n"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

6
2023/5xxx/CVE-2023-5533.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and including, 4.8.9. This makes it possible for unauthenticated attackers to perform some of those actions that were intended for higher privileged users."
"value": "The AI ChatBot plugin for WordPress is vulnerable to unauthorized use of AJAX actions due to missing capability checks on the corresponding functions in versions up to, and including, 4.8.9 as well as 4.9.2. This makes it possible for unauthenticated attackers to perform some of those actions that were intended for higher privileged users."
}
]
},
@ -42,6 +42,10 @@
"version_affected": "<=",
"version_name": "*",
"version_value": "4.8.9"
},
{
"version_affected": "=",
"version_value": "4.9.2"
}
]
}

6
2023/5xxx/CVE-2023-5534.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9. This is due to missing or incorrect nonce validation on the corresponding functions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
"value": "The AI ChatBot plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.8.9 and 4.9.2. This is due to missing or incorrect nonce validation on the corresponding functions. This makes it possible for unauthenticated attackers to invoke those functions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
]
},
@ -42,6 +42,10 @@
"version_affected": "<=",
"version_name": "*",
"version_value": "4.8.9"
},
{
"version_affected": "=",
"version_value": "4.9.2"
}
]
}