admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-09-15 01:00:34 +00:00
parent d72d0b3887
commit 96c0533c9f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
10 changed files with 730 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2023/39xxx/CVE-2023-39643.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-39643",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-39643",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Bl Modules xmlfeeds before v3.9.8 was discovered to contain a SQL injection vulnerability via the component SearchApiXml::Xmlfeeds()."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://addons.prestashop.com/en/data-import-export/5732-xml-feeds-pro.html",
"refsource": "MISC",
"name": "https://addons.prestashop.com/en/data-import-export/5732-xml-feeds-pro.html"
},
{
"refsource": "MISC",
"name": "https://security.friendsofpresta.org/modules/2023/08/29/xmlfeeds.html",
"url": "https://security.friendsofpresta.org/modules/2023/08/29/xmlfeeds.html"
}
]
}

61
2023/40xxx/CVE-2023-40984.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40984",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-40984",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://webmin.com",
"refsource": "MISC",
"name": "http://webmin.com"
},
{
"refsource": "MISC",
"name": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40984",
"url": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40984"
}
]
}

61
2023/40xxx/CVE-2023-40985.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40985",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-40985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file is searched/replaced."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://webmin.com",
"refsource": "MISC",
"name": "http://webmin.com"
},
{
"refsource": "MISC",
"name": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40985",
"url": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40985"
}
]
}

61
2023/40xxx/CVE-2023-40986.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40986",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-40986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://webmin.com",
"refsource": "MISC",
"name": "http://webmin.com"
},
{
"refsource": "MISC",
"name": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40986",
"url": "https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40986"
}
]
}

82
2023/4xxx/CVE-2023-4977.json
View File

@ -1,17 +1,91 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4977",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": " Code Injection in GitHub repository librenms/librenms prior to 23.9.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94 Improper Control of Generation of Code",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "librenms",
"product": {
"product_data": [
{
"product_name": "librenms/librenms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "23.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/3db8a1a4-ca2d-45df-be18-a959ebf82fbc"
},
{
"url": "https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0",
"refsource": "MISC",
"name": "https://github.com/librenms/librenms/commit/1194934d31c795a3f6877a96ffaa34b1f475bdd0"
}
]
},
"source": {
"advisory": "3db8a1a4-ca2d-45df-be18-a959ebf82fbc",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH"
}
]
}

82
2023/4xxx/CVE-2023-4978.json
View File

@ -1,17 +1,91 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "librenms",
"product": {
"product_data": [
{
"product_name": "librenms/librenms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "23.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/cefd9295-2053-4e6e-a130-7e1f845728f4",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/cefd9295-2053-4e6e-a130-7e1f845728f4"
},
{
"url": "https://github.com/librenms/librenms/commit/e4c46a45364cb944b94abf9b83f0558b2c4c2fb7",
"refsource": "MISC",
"name": "https://github.com/librenms/librenms/commit/e4c46a45364cb944b94abf9b83f0558b2c4c2fb7"
}
]
},
"source": {
"advisory": "cefd9295-2053-4e6e-a130-7e1f845728f4",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9,
"baseSeverity": "CRITICAL"
}
]
}

82
2023/4xxx/CVE-2023-4979.json
View File

@ -1,17 +1,91 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4979",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "librenms",
"product": {
"product_data": [
{
"product_name": "librenms/librenms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "23.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f"
},
{
"url": "https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03",
"refsource": "MISC",
"name": "https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03"
}
]
},
"source": {
"advisory": "e67f8f5d-4048-404f-9b86-cb6b8719b77f",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

92
2023/4xxx/CVE-2023-4980.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-4980",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "librenms",
"product": {
"product_data": [
{
"product_name": "librenms/librenms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "23.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/470b9b13-b7fe-4b3f-a186-fdc5dc193976",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/470b9b13-b7fe-4b3f-a186-fdc5dc193976"
},
{
"url": "https://github.com/librenms/librenms/commit/cfd642be6a1e988453bd63069d17db3664e7de97",
"refsource": "MISC",
"name": "https://github.com/librenms/librenms/commit/cfd642be6a1e988453bd63069d17db3664e7de97"
}
]
},
"source": {
"advisory": "470b9b13-b7fe-4b3f-a186-fdc5dc193976",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}
}

92
2023/4xxx/CVE-2023-4981.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-4981",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "librenms",
"product": {
"product_data": [
{
"product_name": "librenms/librenms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "23.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609"
},
{
"url": "https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7",
"refsource": "MISC",
"name": "https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7"
}
]
},
"source": {
"advisory": "1f014494-49a9-4bf0-8d43-a675498b9609",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}
}

92
2023/4xxx/CVE-2023-4982.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-4982",
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "librenms",
"product": {
"product_data": [
{
"product_name": "librenms/librenms",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "23.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e"
},
{
"url": "https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769",
"refsource": "MISC",
"name": "https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769"
}
]
},
"source": {
"advisory": "d3c2dd8a-883c-400e-a1a7-326c3fd37b9e",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}
]
}
}