admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-06-12 20:00:45 +00:00
parent 4a965c89f5
commit 8f8860c47b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
52 changed files with 1005 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2014/125xxx/CVE-2014-125026.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "0.0.0-20140711154735-199f5f787806"
}
]
}

5
2017/20xxx/CVE-2017-20146.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.3.0"
}
]
}

2
2020/28xxx/CVE-2020-28367.json
View File

@ -45,7 +45,7 @@
},
{
"version_affected": "<",
"version_name": "1.15.0",
"version_name": "1.15.0-0",
"version_value": "1.15.5"
}
]

6
2020/36xxx/CVE-2020-36562.json
View File

@ -39,8 +39,10 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "?"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}

5
2020/36xxx/CVE-2020-36564.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.1.1"
}
]
}

5
2020/36xxx/CVE-2020-36565.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "4.1.18-0.20201215153152-4422e3b66b9f"
}
]
}

5
2020/36xxx/CVE-2020-36568.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.0.0"
}
]
}

25
2021/4xxx/CVE-2021-4235.json
View File

@ -39,8 +39,29 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "2.2.3"
}
]
}
}
]
}
},
{
"vendor_name": "github.com/go-yaml/yaml",
"product": {
"product_data": [
{
"product_name": "github.com/go-yaml/yaml",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}

5
2021/4xxx/CVE-2021-4236.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "1.4.0",
"version_affected": "="
"version_affected": "<",
"version_name": "1.4.0",
"version_value": "1.5.2"
}
]
}

5
2021/4xxx/CVE-2021-4238.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.1.1"
}
]
}

5
2021/4xxx/CVE-2021-4239.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.0.0"
}
]
}

5
2022/2xxx/CVE-2022-2582.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.34.0"
}
]
}

5
2022/2xxx/CVE-2022-2583.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "0.7.2"
}
]
}

5
2022/2xxx/CVE-2022-2584.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "1.3.1"
}
]
}

5
2022/3xxx/CVE-2022-3064.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "2.2.4"
}
]
}

6
2022/3xxx/CVE-2022-3346.json
View File

@ -39,8 +39,10 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "?"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}

6
2022/3xxx/CVE-2022-3347.json
View File

@ -39,8 +39,10 @@
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "?"
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}

5
2022/41xxx/CVE-2022-41719.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
"version_affected": "<",
"version_name": "0",
"version_value": "2.1.1"
}
]
}

5
2022/41xxx/CVE-2022-41721.json
View File

@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_value": "0.0.0-20220524220425-1d687d428aca",
"version_affected": "="
"version_affected": "<",
"version_name": "0.0.0-20220524220425-1d687d428aca",
"version_value": "0.1.1-0.20221104162952-702349b0e862"
}
]
}

56
2022/43xxx/CVE-2022-43777.json
View File

@ -1,18 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43777",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "hp-security-alert@hp.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HP Inc.",
"product": {
"product_data": [
{
"product_name": "HP PC BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "See HP Security Bulletin reference for affected versions."
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835",
"refsource": "MISC",
"name": "https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835"
}
]
},
"generator": {
"engine": "cveClient/1.0.13"
}
}

56
2022/43xxx/CVE-2022-43778.json
View File

@ -1,18 +1,66 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-43778",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "hp-security-alert@hp.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HP Inc.",
"product": {
"product_data": [
{
"product_name": "HP PC BIOS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "See HP Security Bulletin reference for affected versions."
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835",
"refsource": "MISC",
"name": "https://support.hp.com/us-en/document/ish_7709808-7709835-16/hpsbhf03835"
}
]
},
"generator": {
"engine": "cveClient/1.0.13"
}
}

5
2022/4xxx/CVE-2022-4141.json
View File

@ -94,6 +94,11 @@
"refsource": "GENTOO",
"name": "GLSA-202305-16",
"url": "https://security.gentoo.org/glsa/202305-16"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html"
}
]
},

5
2023/0xxx/CVE-2023-0054.json
View File

@ -94,6 +94,11 @@
"refsource": "GENTOO",
"name": "GLSA-202305-16",
"url": "https://security.gentoo.org/glsa/202305-16"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html"
}
]
},

5
2023/1xxx/CVE-2023-1175.json
View File

@ -94,6 +94,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-030318ca00",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IE44W6WMMREYCW3GJHPSYP7NK2VT5NY6/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html"
}
]
},

79
2023/1xxx/CVE-2023-1897.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-1897",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Atlas Copco Power Focus 6000 web server does not sanitize the login information stored by the authenticated user\u2019s browser, which could allow an attacker with access to the user\u2019s computer to gain credential information of the controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312 Cleartext Storage of Sensitive Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlas Copco",
"product": {
"product_data": [
{
"product_name": "Power Focus",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "6000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01"
}
]
},
"generator": {
"engine": "VINCE 2.1.2",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1897"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
}
]
}

79
2023/1xxx/CVE-2023-1898.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-1898",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Atlas Copco Power Focus 6000 web server uses a small amount of session ID numbers. An attacker could enter a session ID number to retrieve data for an active user\u2019s session."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-334 Small Space of Random Values"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlas Copco",
"product": {
"product_data": [
{
"product_name": "Power Focus",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "6000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01"
}
]
},
"generator": {
"engine": "VINCE 2.1.2",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1898"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
}
]
}

79
2023/1xxx/CVE-2023-1899.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-1899",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Atlas Copco Power Focus 6000 web server is not a secure connection by default, which could allow an attacker to gain sensitive information by monitoring network traffic between user and controller."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-319 Cleartext Transmission of Sensitive Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Atlas Copco",
"product": {
"product_data": [
{
"product_name": "Power Focus",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "6000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01"
}
]
},
"generator": {
"engine": "VINCE 2.1.2",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-1899"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
}
]
}

2
2023/24xxx/CVE-2023-24534.json
View File

@ -45,7 +45,7 @@
},
{
"version_affected": "<",
"version_name": "1.20.0",
"version_name": "1.20.0-0",
"version_value": "1.20.3"
}
]

4
2023/24xxx/CVE-2023-24536.json
View File

@ -45,7 +45,7 @@
},
{
"version_affected": "<",
"version_name": "1.20.0",
"version_name": "1.20.0-0",
"version_value": "1.20.3"
}
]
@ -62,7 +62,7 @@
},
{
"version_affected": "<",
"version_name": "1.20.0",
"version_name": "1.20.0-0",
"version_value": "1.20.3"
}
]

56
2023/28xxx/CVE-2023-28478.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-28478",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-28478",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TP-Link EC-70 devices through 2.3.4 Build 20220902 rel.69498 have a Buffer Overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0006.md",
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0006.md"
}
]
}

8
2023/2xxx/CVE-2023-2118.json
View File

@ -66,5 +66,11 @@
},
"source": {
"discovery": "UNKNOWN"
}
},
"credits": [
{
"lang": "en",
"value": "Jico"
}
]
}

5
2023/2xxx/CVE-2023-2610.json
View File

@ -84,6 +84,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2023-99d2eaac80",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCLJN4QINITA3ZASKLEJ64C5TFNKELMO/"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230612 [SECURITY] [DLA 3453-1] vim security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00015.html"
}
]
},

5
2023/31xxx/CVE-2023-31475.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://github.com/gl-inet/CVE-issues/blob/main/3.215/Buffer_Overflow.md",
"url": "https://github.com/gl-inet/CVE-issues/blob/main/3.215/Buffer_Overflow.md"
},
{
"refsource": "MISC",
"name": "https://justinapplegate.me/2023/glinet-CVE-2023-31475/",
"url": "https://justinapplegate.me/2023/glinet-CVE-2023-31475/"
}
]
}

4
2023/33xxx/CVE-2023-33622.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-33622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-31475. Reason: This record is a reservation duplicate of CVE-2023-31475. Notes: All CVE users should reference CVE-2023-31475 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
]
}

4
2023/33xxx/CVE-2023-33623.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-33623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-31478. Reason: This record is a reservation duplicate of CVE-2023-31478. Notes: All CVE users should reference CVE-2023-31478 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
]
}

4
2023/33xxx/CVE-2023-33624.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2023-33624",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-31472. Reason: This record is a reservation duplicate of CVE-2023-31472. Notes: All CVE users should reference CVE-2023-31472 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage."
}
]
}

71
2023/33xxx/CVE-2023-33625.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33625",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33625",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command injection vulnerability via the ST parameter in the lxmldbc_system() function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/cmd%20injection",
"refsource": "MISC",
"name": "https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/cmd%20injection"
},
{
"refsource": "MISC",
"name": "https://hackmd.io/@naihsin/By2datZD2",
"url": "https://hackmd.io/@naihsin/By2datZD2"
},
{
"refsource": "MISC",
"name": "https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/cmd%20injection/README.md",
"url": "https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/cmd%20injection/README.md"
}
]
}

66
2023/33xxx/CVE-2023-33626.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-33626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-33626",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"refsource": "MISC",
"name": "https://www.dlink.com/en/security-bulletin/"
},
{
"url": "https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/overflow",
"refsource": "MISC",
"name": "https://github.com/naihsin/IoT/tree/main/D-Link/DIR-600/overflow"
},
{
"refsource": "MISC",
"name": "https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/overflow/README.md",
"url": "https://github.com/naihsin/IoT/blob/main/D-Link/DIR-600/overflow/README.md"
}
]
}

56
2023/34xxx/CVE-2023-34940.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34940",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-34940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPORTED WHEN ASSIGNED ** Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the url parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/URLFilterList_Stack_BOF.md",
"refsource": "MISC",
"name": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/URLFilterList_Stack_BOF.md"
}
]
}

56
2023/34xxx/CVE-2023-34941.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34941",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-34941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPORTED WHEN ASSIGNED ** A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/StoredXSS_FirewallURLFilter.md",
"refsource": "MISC",
"name": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/StoredXSS_FirewallURLFilter.md"
}
]
}

56
2023/34xxx/CVE-2023-34942.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34942",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-34942",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** UNSUPPORTED WHEN ASSIGNED ** Asus RT-N10LX Router v2.0.0.39 was discovered to contain a stack overflow via the mac parameter at /start-apply.html. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/MAC_Address_StackBOF.md",
"refsource": "MISC",
"name": "https://github.com/OlivierLaflamme/cve/blob/main/ASUS-N10LX_2.0.0.39/MAC_Address_StackBOF.md"
}
]
}

18
2023/35xxx/CVE-2023-35064.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35065.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35065",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35066.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35066",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35067.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35067",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35068.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35068",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35069.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35069",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35070.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35070",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35071.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35071",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35072.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35072",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/35xxx/CVE-2023-35073.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-35073",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

55
2023/3xxx/CVE-2023-3161.json
View File

@ -4,14 +4,63 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3161",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Linux Kernel (fbcon)",
"version": {
"version_data": [
{
"version_value": "Fixed in kernel 6.2-rc7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1335"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213485"
},
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be",
"url": "https://github.com/torvalds/linux/commit/2b09d5d364986f724f17001ccfe4126b9b43a0be"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and possible denial of service."
}
]
}