From bd131e77ae82808decbb77cdbf92da65556ae82f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 1 Jun 2023 03:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/42xxx/CVE-2022-42225.json | 5 +++ 2023/29xxx/CVE-2023-29748.json | 71 +++++++++++++++++++++++++++++++--- 2023/33xxx/CVE-2023-33461.json | 56 ++++++++++++++++++++++++--- 2023/33xxx/CVE-2023-33716.json | 56 ++++++++++++++++++++++++--- 2023/33xxx/CVE-2023-33719.json | 61 ++++++++++++++++++++++++++--- 2023/34xxx/CVE-2023-34312.json | 62 +++++++++++++++++++++++++++++ 6 files changed, 287 insertions(+), 24 deletions(-) create mode 100644 2023/34xxx/CVE-2023-34312.json diff --git a/2022/42xxx/CVE-2022-42225.json b/2022/42xxx/CVE-2022-42225.json index aa3ecb8a034..2e964e0e4cf 100644 --- a/2022/42xxx/CVE-2022-42225.json +++ b/2022/42xxx/CVE-2022-42225.json @@ -71,6 +71,11 @@ "refsource": "MISC", "name": "https://gist.github.com/bybit-sec/eb750c1d906c89e97092b29015472738", "url": "https://gist.github.com/bybit-sec/eb750c1d906c89e97092b29015472738" + }, + { + "refsource": "MISC", + "name": "https://github.com/jumpserver/lina/pull/2264", + "url": "https://github.com/jumpserver/lina/pull/2264" } ] } diff --git a/2023/29xxx/CVE-2023-29748.json b/2023/29xxx/CVE-2023-29748.json index cfc05acb6df..f9f27f1bf82 100644 --- a/2023/29xxx/CVE-2023-29748.json +++ b/2023/29xxx/CVE-2023-29748.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-29748", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-29748", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can leverage this method to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the application is opened. When an attacker injects too much data, the application will trigger an OOM error and crash at startup, resulting in a persistent denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://apksos.com/app/story.saver.downloader.photo.video.repost.byrk", + "refsource": "MISC", + "name": "https://apksos.com/app/story.saver.downloader.photo.video.repost.byrk" + }, + { + "url": "https://www.instagram.com/nihans_macrame/", + "refsource": "MISC", + "name": "https://www.instagram.com/nihans_macrame/" + }, + { + "refsource": "MISC", + "name": "https://play.google.com/store/apps/details?id=ru.yandex.yandexnavi", + "url": "https://play.google.com/store/apps/details?id=ru.yandex.yandexnavi" + }, + { + "refsource": "MISC", + "name": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md", + "url": "https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29748/CVE%20detail.md" } ] } diff --git a/2023/33xxx/CVE-2023-33461.json b/2023/33xxx/CVE-2023-33461.json index 6338ccd8120..c83c3658d31 100644 --- a/2023/33xxx/CVE-2023-33461.json +++ b/2023/33xxx/CVE-2023-33461.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-33461", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-33461", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ndevilla/iniparser/issues/144", + "refsource": "MISC", + "name": "https://github.com/ndevilla/iniparser/issues/144" } ] } diff --git a/2023/33xxx/CVE-2023-33716.json b/2023/33xxx/CVE-2023-33716.json index 3595b191b98..ffc98e4a5b5 100644 --- a/2023/33xxx/CVE-2023-33716.json +++ b/2023/33xxx/CVE-2023-33716.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-33716", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-33716", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "mp4v2 v2.1.3 was discovered to contain a memory leak via the class MP4StringProperty at mp4property.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/enzo1982/mp4v2/issues/36", + "refsource": "MISC", + "name": "https://github.com/enzo1982/mp4v2/issues/36" } ] } diff --git a/2023/33xxx/CVE-2023-33719.json b/2023/33xxx/CVE-2023-33719.json index 9ffba1664af..82e067302aa 100644 --- a/2023/33xxx/CVE-2023-33719.json +++ b/2023/33xxx/CVE-2023-33719.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-33719", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-33719", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "mp4v2 v2.1.3 was discovered to contain a memory leak via MP4SdpAtom::Read() at atom_sdp.cpp" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/enzo1982/mp4v2/issues/37", + "refsource": "MISC", + "name": "https://github.com/enzo1982/mp4v2/issues/37" + }, + { + "refsource": "MISC", + "name": "https://github.com/enzo1982/mp4v2/", + "url": "https://github.com/enzo1982/mp4v2/" } ] } diff --git a/2023/34xxx/CVE-2023-34312.json b/2023/34xxx/CVE-2023-34312.json new file mode 100644 index 00000000000..cc89e9bf04c --- /dev/null +++ b/2023/34xxx/CVE-2023-34312.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2023-34312", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vi3t1/qq-tim-elevation", + "refsource": "MISC", + "name": "https://github.com/vi3t1/qq-tim-elevation" + } + ] + } +} \ No newline at end of file