admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-01-12 02:00:39 +00:00
parent 6f32e9924e
commit a99c006df8
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 341 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
2023/40xxx/CVE-2023-40250.json
View File

@ -1,17 +1,87 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40250",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vuln@krcert.or.kr",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Hancom HCell on Windows allows Overflow Buffers.This issue affects HCell: 12.0.0.893.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Hancom",
"product": {
"product_data": [
{
"product_name": "HCell",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "12.0.0.893"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.hancom.com/cs_center/csDownload.do?gnb0=25gnb1=80",
"refsource": "MISC",
"name": "https://www.hancom.com/cs_center/csDownload.do?gnb0=25gnb1=80"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

77
2023/52xxx/CVE-2023-52339.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-52339",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing. It may result in buffer overflows."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/Matroska-Org/libebml/issues/147",
"refsource": "MISC",
"name": "https://github.com/Matroska-Org/libebml/issues/147"
},
{
"url": "https://github.com/Matroska-Org/libebml/pull/148",
"refsource": "MISC",
"name": "https://github.com/Matroska-Org/libebml/pull/148"
},
{
"url": "https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md",
"refsource": "MISC",
"name": "https://github.com/Matroska-Org/libebml/blob/v1.x/NEWS.md"
},
{
"url": "https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5",
"refsource": "MISC",
"name": "https://github.com/Matroska-Org/libebml/compare/release-1.4.4...release-1.4.5"
}
]
}
}

90
2023/6xxx/CVE-2023-6040.json
View File

@ -1,17 +1,99 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-6040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@ubuntu.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125",
"cweId": "CWE-125"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "The Linux Kernel Organization",
"product": {
"product_data": [
{
"product_name": "linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "5.18-rc1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040",
"refsource": "MISC",
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6040"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/01/12/1",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2024/01/12/1"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Disabling unprivileged user namespaces mitigates the issue."
}
],
"credits": [
{
"lang": "en",
"value": "Lin Ma from Ant Security Light-Year Lab & ZJU"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}
]
}

104
2024/0xxx/CVE-2024-0454.json Normal file
View File

@ -0,0 +1,104 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-0454",
"ASSIGNER": "psirt@emc.com.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and enumeration with spoof sensor.\nThis fault leads to that Windows Hello recognition would be bypass with cloning SID to cause broken account identity.\nVersion which is lower than 3.0.12011.08009(Legacy)/3.3.12011.08103(ESS) would suffer this risk on DELL Inspiron platform."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-290 Authentication Bypass by Spoofing",
"cweId": "CWE-290"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ELAN",
"product": {
"product_data": [
{
"product_name": "DELL Inspiron",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"lessThan": "3.0.12011.08009",
"status": "affected",
"version": "3.0.12011.08001",
"versionType": "custom"
},
{
"lessThan": "3.3.12011.08103",
"status": "affected",
"version": "3.3.12011.08101",
"versionType": "custom"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.emc.com.tw/emc/tw/vulnerability-disclosure-policy",
"refsource": "MISC",
"name": "https://www.emc.com.tw/emc/tw/vulnerability-disclosure-policy"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
}
]
}
}