admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-04-27 03:00:37 +00:00
parent 434e4e9e8c
commit a0776e716e
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
12 changed files with 243 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2022/1xxx/CVE-2022-1941.json
View File

@ -160,6 +160,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230418 [SECURITY] [DLA 3393-1] protobuf security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00019.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-15729fa33d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/"
}
]
},

5
2022/3xxx/CVE-2022-3171.json
View File

@ -107,6 +107,11 @@
"refsource": "GENTOO",
"name": "GLSA-202301-09",
"url": "https://security.gentoo.org/glsa/202301-09"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-15729fa33d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPCGUT3T5L6C3IDWUPSUO22QDCGQKTOP/"
}
]
},

5
2023/20xxx/CVE-2023-20852.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-7023-8368b-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-7023-8368b-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-7023-8368b-1.html"
}
]
},

5
2023/20xxx/CVE-2023-20853.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-7024-bdefe-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-7024-bdefe-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-7024-bdefe-1.html"
}
]
},

7
2023/22xxx/CVE-2023-22901.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrators privilege can exploit this vulnerability to access arbitrary system files."
"value": "ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator\u2019s privilege can exploit this vulnerability to access arbitrary system files."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-7022-2cbe0-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-7022-2cbe0-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-7022-2cbe0-1.html"
}
]
},

5
2023/24xxx/CVE-2023-24836.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-7033-878ab-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-7033-878ab-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-7033-878ab-1.html"
}
]
},

10
2023/28xxx/CVE-2023-28697.json
View File

@ -76,12 +76,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-7021-eb43a-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-7021-eb43a-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-7021-eb43a-1.html"
},
{
"refsource": "CONFIRM",
"url": "https://cdn-cms.azureedge.net/Moxa/media/PDIM/S100000223/MiiNePort%20E1%20Series_moxa-miineport-e1-series-firmware-v1.9.rom_Software%20Release%20History.pdf"
"refsource": "MISC",
"url": "https://cdn-cms.azureedge.net/Moxa/media/PDIM/S100000223/MiiNePort%20E1%20Series_moxa-miineport-e1-series-firmware-v1.9.rom_Software%20Release%20History.pdf",
"name": "https://cdn-cms.azureedge.net/Moxa/media/PDIM/S100000223/MiiNePort%20E1%20Series_moxa-miineport-e1-series-firmware-v1.9.rom_Software%20Release%20History.pdf"
}
]
},

10
2023/28xxx/CVE-2023-28856.json
View File

@ -95,6 +95,16 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQGKMKSQE67L32HE6W5EI2I2YKW5VWHI/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPUTH7NBQTZDVJWFNUD24ZCS6NDUFYS6/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/",
"refsource": "MISC",
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EQ4DJSO4DMR55AWK6OPVJH5UTEB35R2Z/"
}
]
},

18
2023/31xxx/CVE-2023-31284.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-31284",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

62
2023/31xxx/CVE-2023-31285.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-31285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An XSS issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. When users upload temporary files, some specific file endings are not allowed, but it is possible to upload .html or .htm files containing an XSS payload. The resulting link can be sent to an administrator user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
"refsource": "MISC",
"name": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2"
}
]
}
}

62
2023/31xxx/CVE-2023-31286.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-31286",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. When a password reset request occurs, the server response leaks the existence of users. If one tries to reset a password of a non-existent user, an error message indicates that this user does not exist."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
"refsource": "MISC",
"name": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2"
}
]
}
}

62
2023/31xxx/CVE-2023-31287.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-31287",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. Password reset links are sent by email. A link contains a token that is used to reset the password. This token remains valid even after the password reset and can be used a second time to change the password of the corresponding user. The token expires only 3 hours after issuance and is sent as a query parameter when resetting. An attacker with access to the browser history can thus use the token again to change the password in order to take over the account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
"refsource": "MISC",
"name": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2"
}
]
}
}