diff --git a/2023/43xxx/CVE-2023-43267.json b/2023/43xxx/CVE-2023-43267.json index 4bd19488b42..efe26c68fe8 100644 --- a/2023/43xxx/CVE-2023-43267.json +++ b/2023/43xxx/CVE-2023-43267.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-43267", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-43267", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A cross-site scripting (XSS) vulnerability in the publish article function of emlog pro v2.1.14 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Fliggyaaa/xss/", + "refsource": "MISC", + "name": "https://github.com/Fliggyaaa/xss/" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/Fliggyaaa/b61c24e828cbcfac42406be408665280", + "url": "https://gist.github.com/Fliggyaaa/b61c24e828cbcfac42406be408665280" } ] } diff --git a/2023/43xxx/CVE-2023-43268.json b/2023/43xxx/CVE-2023-43268.json index 58d655551d7..7f22719c16c 100644 --- a/2023/43xxx/CVE-2023-43268.json +++ b/2023/43xxx/CVE-2023-43268.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-43268", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-43268", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Deyue Remote Vehicle Management System v1.1 was discovered to contain a deserialization vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://hzya.anlu169.com/ms/login", + "refsource": "MISC", + "name": "https://hzya.anlu169.com/ms/login" + }, + { + "refsource": "MISC", + "name": "https://github.com/Fliggyaaa/DeYue-remote-vehicle-management-system", + "url": "https://github.com/Fliggyaaa/DeYue-remote-vehicle-management-system" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/Fliggyaaa/5517fdd59853cd81724b19d2f29c6760", + "url": "https://gist.github.com/Fliggyaaa/5517fdd59853cd81724b19d2f29c6760" } ] } diff --git a/2023/43xxx/CVE-2023-43297.json b/2023/43xxx/CVE-2023-43297.json index 966ea1113b6..c429d10f632 100644 --- a/2023/43xxx/CVE-2023-43297.json +++ b/2023/43xxx/CVE-2023-43297.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-43297", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-43297", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in animal-art-lab v13.6.1 allows attackers to send crafted notifications via leakage of the channel access token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43297.md", + "url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43297.md" } ] } diff --git a/2023/43xxx/CVE-2023-43361.json b/2023/43xxx/CVE-2023-43361.json index d3298a3ce61..b2e74ba06f2 100644 --- a/2023/43xxx/CVE-2023-43361.json +++ b/2023/43xxx/CVE-2023-43361.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-43361", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-43361", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Buffer Overflow vulnerability in Vorbis-tools v.1.4.2 allows a local attacker to execute arbitrary code and cause a denial of service during the conversion of wav files to ogg files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xiph/vorbis-tools/issues/41", + "refsource": "MISC", + "name": "https://github.com/xiph/vorbis-tools/issues/41" + }, + { + "url": "https://github.com/xiph/vorbis-tools", + "refsource": "MISC", + "name": "https://github.com/xiph/vorbis-tools" + }, + { + "url": "https://github.com/xiph/vorbis", + "refsource": "MISC", + "name": "https://github.com/xiph/vorbis" + }, + { + "url": "https://xiph.org/vorbis/", + "refsource": "MISC", + "name": "https://xiph.org/vorbis/" } ] } diff --git a/2023/43xxx/CVE-2023-43836.json b/2023/43xxx/CVE-2023-43836.json index 6683f4b28f8..e9d2b5d9fa6 100644 --- a/2023/43xxx/CVE-2023-43836.json +++ b/2023/43xxx/CVE-2023-43836.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-43836", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-43836", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "There is a SQL injection vulnerability in the Jizhicms 2.4.9 backend, which users can use to obtain database information" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Fliggyaaa/jizhicmssql/", + "refsource": "MISC", + "name": "https://github.com/Fliggyaaa/jizhicmssql/" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/Fliggyaaa/417f8335ce0f0546e95dda91d4b54604", + "url": "https://gist.github.com/Fliggyaaa/417f8335ce0f0546e95dda91d4b54604" } ] } diff --git a/2023/44xxx/CVE-2023-44008.json b/2023/44xxx/CVE-2023-44008.json index 715eb7dac46..fccf960354f 100644 --- a/2023/44xxx/CVE-2023-44008.json +++ b/2023/44xxx/CVE-2023-44008.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-44008", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-44008", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the File Manager function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/Vietsunshine-Electronic-Solution-JSC/Vulnerability-Disclosures/tree/main/2023/CVE-2023-44008", + "url": "https://github.com/Vietsunshine-Electronic-Solution-JSC/Vulnerability-Disclosures/tree/main/2023/CVE-2023-44008" } ] } diff --git a/2023/44xxx/CVE-2023-44009.json b/2023/44xxx/CVE-2023-44009.json index 946010ab8f7..f5f9610e4d1 100644 --- a/2023/44xxx/CVE-2023-44009.json +++ b/2023/44xxx/CVE-2023-44009.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-44009", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-44009", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the Skin Management function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.mojoportal.com/", + "refsource": "MISC", + "name": "https://www.mojoportal.com/" + }, + { + "refsource": "MISC", + "name": "https://github.com/Vietsunshine-Electronic-Solution-JSC/Vulnerability-Disclosures/tree/main/2023/CVE-2023-44009", + "url": "https://github.com/Vietsunshine-Electronic-Solution-JSC/Vulnerability-Disclosures/tree/main/2023/CVE-2023-44009" } ] }