diff --git a/2023/23xxx/CVE-2023-23330.json b/2023/23xxx/CVE-2023-23330.json index aea736313ae..95812df190c 100644 --- a/2023/23xxx/CVE-2023-23330.json +++ b/2023/23xxx/CVE-2023-23330.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-23330", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-23330", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.amano.eu/en/parking/xparc/", + "refsource": "MISC", + "name": "https://www.amano.eu/en/parking/xparc/" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@saleh.py/amano-xparc-local-file-inclusion-cve-2023-23330-672ae8fbfd1e", + "url": "https://medium.com/@saleh.py/amano-xparc-local-file-inclusion-cve-2023-23330-672ae8fbfd1e" } ] } diff --git a/2023/25xxx/CVE-2023-25262.json b/2023/25xxx/CVE-2023-25262.json index 31d31879d8e..54ca013a5c8 100644 --- a/2023/25xxx/CVE-2023-25262.json +++ b/2023/25xxx/CVE-2023-25262.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-25262", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-25262", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://stimulsoft.com", + "refsource": "MISC", + "name": "http://stimulsoft.com" + }, + { + "url": "https://cloud-trustit.spp.at/s/HjEksN86SfsMaJM", + "refsource": "MISC", + "name": "https://cloud-trustit.spp.at/s/HjEksN86SfsMaJM" + }, + { + "refsource": "MISC", + "name": "https://cves.at/posts/cve-2023-25262/writeup/", + "url": "https://cves.at/posts/cve-2023-25262/writeup/" } ] } diff --git a/2023/27xxx/CVE-2023-27700.json b/2023/27xxx/CVE-2023-27700.json index 8dced63924d..390890ea139 100644 --- a/2023/27xxx/CVE-2023-27700.json +++ b/2023/27xxx/CVE-2023-27700.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-27700", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-27700", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "MuYuCMS v2.2 was discovered to contain an arbitrary file deletion vulnerability via the component /accessory/picdel.html." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/MuYuCMS/MuYuCMS/issues/8", + "refsource": "MISC", + "name": "https://github.com/MuYuCMS/MuYuCMS/issues/8" } ] }