diff --git a/2020/11xxx/CVE-2020-11711.json b/2020/11xxx/CVE-2020-11711.json index e1b655868e2..c49b08b3bf0 100644 --- a/2020/11xxx/CVE-2020-11711.json +++ b/2020/11xxx/CVE-2020-11711.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-11711", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-11711", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It is possible to inject malicious HTML content in order to execute JavaScript inside a victim's browser. This results in a stored XSS on the authentication interface of the admin panel. Moreover, an unsecured authentication form is present on the authentication interface of the SSL VPN captive portal. Users are allowed to save their credentials inside the browser. If an administrator saves his credentials through this unsecured form, these credentials could be stolen via the stored XSS on the admin panel without user interaction. Another possible exploitation would be modification of the authentication form of the admin panel into a malicious form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.digitemis.com/category/blog/actualite/", + "refsource": "MISC", + "name": "https://www.digitemis.com/category/blog/actualite/" + }, + { + "url": "https://twitter.com/_ACKNAK_", + "refsource": "MISC", + "name": "https://twitter.com/_ACKNAK_" + }, + { + "refsource": "MISC", + "name": "https://advisories.stormshield.eu/2020-011/", + "url": "https://advisories.stormshield.eu/2020-011/" } ] } diff --git a/2023/3xxx/CVE-2023-3637.json b/2023/3xxx/CVE-2023-3637.json index 8f332eeccef..b7bd44f0832 100644 --- a/2023/3xxx/CVE-2023-3637.json +++ b/2023/3xxx/CVE-2023-3637.json @@ -127,19 +127,6 @@ } ] } - }, - { - "product_name": "Red Hat OpenStack Platform 18.0", - "version": { - "version_data": [ - { - "version_value": "not down converted", - "x_cve_json_5_version_data": { - "defaultStatus": "unaffected" - } - } - ] - } } ] } diff --git a/2023/40xxx/CVE-2023-40273.json b/2023/40xxx/CVE-2023-40273.json index e8592d87f5a..b55da0705da 100644 --- a/2023/40xxx/CVE-2023-40273.json +++ b/2023/40xxx/CVE-2023-40273.json @@ -66,9 +66,9 @@ "name": "https://lists.apache.org/thread/9rdmv8ln4y4ncbyrlmjrsj903x4l80nj" }, { - "url": "http://www.openwall.com/lists/oss-security/2023/08/23/1", + "url": "https://www.openwall.com/lists/oss-security/2023/08/23/1", "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2023/08/23/1" + "name": "https://www.openwall.com/lists/oss-security/2023/08/23/1" } ] }, @@ -86,6 +86,10 @@ { "lang": "en", "value": "L3yx of Syclover Security Team." + }, + { + "lang": "en", + "value": "Son Tran of VNPT-VCI" } ] } \ No newline at end of file diff --git a/2023/40xxx/CVE-2023-40796.json b/2023/40xxx/CVE-2023-40796.json index 166d759106e..c9a3c84086d 100644 --- a/2023/40xxx/CVE-2023-40796.json +++ b/2023/40xxx/CVE-2023-40796.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40796", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40796", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Phicomm k2 v22.6.529.216 is vulnerable to command injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2", + "refsource": "MISC", + "name": "https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2" } ] } diff --git a/2023/40xxx/CVE-2023-40797.json b/2023/40xxx/CVE-2023-40797.json index da871d2b841..1e8b16920ec 100644 --- a/2023/40xxx/CVE-2023-40797.json +++ b/2023/40xxx/CVE-2023-40797.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40797", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40797", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_4781A4", + "refsource": "MISC", + "name": "https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_4781A4" } ] } diff --git a/2023/40xxx/CVE-2023-40798.json b/2023/40xxx/CVE-2023-40798.json index 86f3277b40a..1f33d2a0e83 100644 --- a/2023/40xxx/CVE-2023-40798.json +++ b/2023/40xxx/CVE-2023-40798.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40798", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40798", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/formSetIPv6status-formGetWanParameter", + "refsource": "MISC", + "name": "https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/formSetIPv6status-formGetWanParameter" } ] } diff --git a/2023/40xxx/CVE-2023-40799.json b/2023/40xxx/CVE-2023-40799.json index f189926f1c9..339263f1d93 100644 --- a/2023/40xxx/CVE-2023-40799.json +++ b/2023/40xxx/CVE-2023-40799.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Tenda AC23 Vv16.03.07.45_cn AC23 is vulnerable to Buffer via sub_450A4C function." + "value": "Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function." } ] }, diff --git a/2023/4xxx/CVE-2023-4542.json b/2023/4xxx/CVE-2023-4542.json new file mode 100644 index 00000000000..0a7797d5f92 --- /dev/null +++ b/2023/4xxx/CVE-2023-4542.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4542", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4543.json b/2023/4xxx/CVE-2023-4543.json new file mode 100644 index 00000000000..01205e13dca --- /dev/null +++ b/2023/4xxx/CVE-2023-4543.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4543", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4544.json b/2023/4xxx/CVE-2023-4544.json new file mode 100644 index 00000000000..c0bcf3692c8 --- /dev/null +++ b/2023/4xxx/CVE-2023-4544.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4544", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4545.json b/2023/4xxx/CVE-2023-4545.json new file mode 100644 index 00000000000..ade71345e17 --- /dev/null +++ b/2023/4xxx/CVE-2023-4545.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4545", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4546.json b/2023/4xxx/CVE-2023-4546.json new file mode 100644 index 00000000000..c6c66532919 --- /dev/null +++ b/2023/4xxx/CVE-2023-4546.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4546", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4547.json b/2023/4xxx/CVE-2023-4547.json new file mode 100644 index 00000000000..68bc4814774 --- /dev/null +++ b/2023/4xxx/CVE-2023-4547.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4547", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4548.json b/2023/4xxx/CVE-2023-4548.json new file mode 100644 index 00000000000..80dbd168f8b --- /dev/null +++ b/2023/4xxx/CVE-2023-4548.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4548", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/4xxx/CVE-2023-4549.json b/2023/4xxx/CVE-2023-4549.json new file mode 100644 index 00000000000..e8fd41ac856 --- /dev/null +++ b/2023/4xxx/CVE-2023-4549.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-4549", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file