admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-26 23:01:01 +00:00
parent d0a56918cd
commit 99e1c1262a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
12 changed files with 178 additions and 580 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2023/0xxx/CVE-2023-0468.json
View File

@ -4,58 +4,14 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0468",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "Linux Kernel prior to Kernel 6.1 RC7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Kernel 6.1 RC7"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2164024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2164024"
}
]
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race condition of poll_refs. This flaw may cause a NULL pointer dereference."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

50
2023/0xxx/CVE-2023-0469.json
View File

@ -4,58 +4,14 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0469",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Kernel",
"version": {
"version_data": [
{
"version_value": "Linux Kernel prior t oKernel 6.1 RC7"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-191"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2163723",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2163723"
}
]
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during call cleanup. This flaw may lead to a denial of service."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

85
2023/0xxx/CVE-2023-0470.json
View File

@ -1,89 +1,18 @@
{
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2023-0470",
"STATE": "PUBLIC",
"TITLE": "Cross-site Scripting (XSS) - Stored in modoboa/modoboa"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "modoboa/modoboa",
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "2.0.4"
}
]
}
}
]
},
"vendor_name": "modoboa"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0470",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository modoboa/modoboa prior to 2.0.4."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/baae3180-b63b-4880-b2af-1a3f30056c2b",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/baae3180-b63b-4880-b2af-1a3f30056c2b"
},
{
"name": "https://github.com/modoboa/modoboa/commit/354ab6884019009249097a7f3a1881d81ecd2fd2",
"refsource": "MISC",
"url": "https://github.com/modoboa/modoboa/commit/354ab6884019009249097a7f3a1881d81ecd2fd2"
}
]
},
"source": {
"advisory": "baae3180-b63b-4880-b2af-1a3f30056c2b",
"discovery": "EXTERNAL"
}
}

58
2023/0xxx/CVE-2023-0471.json
View File

@ -1,67 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0471",
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "109.0.5414.119",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://crbug.com/1376354",
"refsource": "MISC",
"name": "https://crbug.com/1376354"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

58
2023/0xxx/CVE-2023-0472.json
View File

@ -1,67 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0472",
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "109.0.5414.119",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://crbug.com/1405256",
"refsource": "MISC",
"name": "https://crbug.com/1405256"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

58
2023/0xxx/CVE-2023-0473.json
View File

@ -1,67 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0473",
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Type Confusion"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "109.0.5414.119",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://crbug.com/1404639",
"refsource": "MISC",
"name": "https://crbug.com/1404639"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

58
2023/0xxx/CVE-2023-0474.json
View File

@ -1,67 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0474",
"ASSIGNER": "chrome-cve-admin@google.com",
"STATE": "PUBLIC"
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium)"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use after free"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Google",
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "109.0.5414.119",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2023/01/stable-channel-update-for-desktop_24.html"
},
{
"url": "https://crbug.com/1400841",
"refsource": "MISC",
"name": "https://crbug.com/1400841"
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

50
2023/0xxx/CVE-2023-0476.json
View File

@ -4,58 +4,14 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-0476",
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Tenable.sc",
"version": {
"version_data": [
{
"version_value": "Tenable.sc versions 5.23.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "LDAP Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/tns-2023-03",
"url": "https://www.tenable.com/security/tns-2023-03"
}
]
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

50
2023/24xxx/CVE-2023-24493.json
View File

@ -4,58 +4,14 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24493",
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Tenable.sc",
"version": {
"version_data": [
{
"version_value": "Tenable.sc versions 5.23.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Formula injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/tns-2023-03",
"url": "https://www.tenable.com/security/tns-2023-03"
}
]
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A formula injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could leverage the reporting system to export reports containing formulas, which would then require a victim to approve and execute on a host."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

50
2023/24xxx/CVE-2023-24494.json
View File

@ -4,58 +4,14 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24494",
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Tenable.sc",
"version": {
"version_data": [
{
"version_value": "Tenable.sc versions 5.23.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/tns-2023-03",
"url": "https://www.tenable.com/security/tns-2023-03"
}
]
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

50
2023/24xxx/CVE-2023-24495.json
View File

@ -4,58 +4,14 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24495",
"ASSIGNER": "vulnreport@tenable.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Tenable.sc",
"version": {
"version_data": [
{
"version_value": "Tenable.sc versions 5.23.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Server Side Request Forgery (SSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.tenable.com/security/tns-2023-03",
"url": "https://www.tenable.com/security/tns-2023-03"
}
]
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc due to improper validation of session & user-accessible input data. A privileged, authenticated remote attacker could interact with external and internal services covertly."
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}

141
2023/24xxx/CVE-2023-24508.json
View File

@ -1,17 +1,150 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-24508",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@baicells.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods below have been tested and validated by a 3rd party analyst and has been confirmed exploitable special thanks to Rustam Amin for providing the steps to reproduce. BaiBS_RTS_3.6.6 (verified on live device): Pre-login Remote Execution of shell commands as root (command used - \"ls\"): POST http://<ip>:<port>/utility/run_warn_command.sh HTTP/1.1 Cookie: browser_time=1672739229 commands=ls&hash=browser_time%3D1673903145 This happens because commands value gets executed: printf \"%s\" \"$FORM_commands\" | tr -d \"\\r\" > $tmp_file sh $tmp_file Any version of BaiBS_RTS_3.6.6 and older: Pre-login Remote Execution of shell commands as root (due to not checking anything on user-input and injecting it into shell script via haserl binary): Any POST to http://<ip>:<port>/utility/<any_script_there>.sh will do, due to this - in each: eval $(baicells_session_validator -c \"$COOKIE_hash\" -e \"$COOKIE_exp\" -a \"$HTTP_USER_AGENT\" -i \"$REMOTE_ADDR\" -r \"login.htm\" -t $(uci get baicells.global.session_timeout) -b \"$COOKIE_browser_time\") HTTP header User-Agent can be used and any Cookie. Exploit Sending HTTP POST requests to the Baicells equipment web-interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Baicells",
"product": {
"product_data": [
{
"product_name": "Nova 227",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
},
{
"product_name": "Nova 233",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
},
{
"product_name": "Nova 246",
"version": {
"version_data": [
{
"version_value": "0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://img.baicells.com//Upload/20230118/FILE/BaiBS_RTS_3.7.11.6.IMG.IMG",
"refsource": "MISC",
"name": "https://img.baicells.com//Upload/20230118/FILE/BaiBS_RTS_3.7.11.6.IMG.IMG"
},
{
"url": "https://img.baicells.com//Upload/20230118/FILE/BaiBS_RTS_3.7.11.6_Changelog.PDF.pdf",
"refsource": "MISC",
"name": "https://img.baicells.com//Upload/20230118/FILE/BaiBS_RTS_3.7.11.6_Changelog.PDF.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"configuration": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Nova eNB would need to be configured and running on 3.6.6 firmware and older along with being accessible on the internal network or public network. If the Web interface is enabled it will allow users to exploit using the above method.&nbsp;"
}
],
"value": "Nova eNB would need to be configured and running on 3.6.6 firmware and older along with being accessible on the internal network or public network. If the Web interface is enabled it will allow users to exploit using the above method.\u00a0"
}
],
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "<p>Baicells recommends that all customers currently running an earlier version of RTS/RTD upgrade their products to the 3.7.11.6 firmware.</p><br>"
}
],
"value": "Baicells recommends that all customers currently running an earlier version of RTS/RTD upgrade their products to the 3.7.11.6 firmware.\n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Rustam Amin"
},
{
"lang": "en",
"value": "Baicells Security Team"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
}
]
}