admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-09-06 17:00:33 +00:00
parent 9591143630
commit be0ef484ad
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 427 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2021/36xxx/CVE-2021-36646.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-36646",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-36646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Cross Site Scrtpting (XSS) vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/kalcaddle/KodExplorer/issues/482",
"refsource": "MISC",
"name": "https://github.com/kalcaddle/KodExplorer/issues/482"
}
]
}

250
2023/20xxx/CVE-2023-20250.json
View File

@ -1,17 +1,259 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-20250",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@cisco.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device.\r\n\r This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cisco",
"product": {
"product_data": [
{
"product_name": "Cisco Small Business RV Series Router Firmware",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.0.30"
},
{
"version_affected": "=",
"version_value": "1.0.0.2"
},
{
"version_affected": "=",
"version_value": "1.0.0.21"
},
{
"version_affected": "=",
"version_value": "1.0.1.1"
},
{
"version_affected": "=",
"version_value": "1.0.1.3"
},
{
"version_affected": "=",
"version_value": "1.0.1.6"
},
{
"version_affected": "=",
"version_value": "1.0.1.99"
},
{
"version_affected": "=",
"version_value": "1.0.2.7"
},
{
"version_affected": "=",
"version_value": "1.0.2.99"
},
{
"version_affected": "=",
"version_value": "1.0.3.14"
},
{
"version_affected": "=",
"version_value": "1.0.3.16"
},
{
"version_affected": "=",
"version_value": "1.0.3.22"
},
{
"version_affected": "=",
"version_value": "1.0.3.28"
},
{
"version_affected": "=",
"version_value": "1.0.3.44"
},
{
"version_affected": "=",
"version_value": "1.0.3.45"
},
{
"version_affected": "=",
"version_value": "1.0.3.51"
},
{
"version_affected": "=",
"version_value": "1.0.3.52"
},
{
"version_affected": "=",
"version_value": "1.0.3.54"
},
{
"version_affected": "=",
"version_value": "1.0.3.55"
},
{
"version_affected": "=",
"version_value": "1.1.0.5"
},
{
"version_affected": "=",
"version_value": "1.1.0.6"
},
{
"version_affected": "=",
"version_value": "1.1.0.9"
},
{
"version_affected": "=",
"version_value": "1.2.0.10"
},
{
"version_affected": "=",
"version_value": "1.2.0.14"
},
{
"version_affected": "=",
"version_value": "1.2.0.15"
},
{
"version_affected": "=",
"version_value": "1.2.0.8"
},
{
"version_affected": "=",
"version_value": "1.2.0.9"
},
{
"version_affected": "=",
"version_value": "1.2.0.99"
},
{
"version_affected": "=",
"version_value": "1.2.1.4"
},
{
"version_affected": "=",
"version_value": "1.2.1.7"
},
{
"version_affected": "=",
"version_value": "1.2.2.1"
},
{
"version_affected": "=",
"version_value": "1.2.2.4"
},
{
"version_affected": "=",
"version_value": "1.2.2.5"
},
{
"version_affected": "=",
"version_value": "1.2.2.8"
},
{
"version_affected": "=",
"version_value": "1.3.0.4"
},
{
"version_affected": "=",
"version_value": "1.3.0.7"
},
{
"version_affected": "=",
"version_value": "1.3.0.8"
},
{
"version_affected": "=",
"version_value": "1.3.0.99"
},
{
"version_affected": "=",
"version_value": "1.3.1.1"
},
{
"version_affected": "=",
"version_value": "1.3.1.4"
},
{
"version_affected": "=",
"version_value": "1.3.1.5"
},
{
"version_affected": "=",
"version_value": "1.3.1.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-stack-SHYv2f5N",
"refsource": "MISC",
"name": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-stack-SHYv2f5N"
}
]
},
"source": {
"advisory": "cisco-sa-sb-rv-stack-SHYv2f5N",
"discovery": "EXTERNAL",
"defects": [
"CSCwh17707",
"CSCwh17710",
"CSCwh17709"
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
}
]
}

2
2023/34xxx/CVE-2023-34188.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers."
"value": "The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests."
}
]
},

2
2023/39xxx/CVE-2023-39615.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Xmlsoft Libxml2 v2.11.0 was discovered to contain a global buffer overflow via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file."
"value": "** DISPUTED ** Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor's position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input."
}
]
},

61
2023/4xxx/CVE-2023-4498.json
View File

@ -1,18 +1,71 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4498",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cert@cert.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn should be accessible to authenticated users only"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-305: Authentication Bypass by Primary Weakness"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Tenda",
"product": {
"product_data": [
{
"product_name": "N300 Wireless N VDSL2 Modem Router",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "V53.0.1.6_EN"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://kb.cert.org/vuls/id/304455",
"refsource": "MISC",
"name": "https://kb.cert.org/vuls/id/304455"
}
]
},
"generator": {
"engine": "VINCE 2.1.4",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2023-4498"
},
"source": {
"discovery": "UNKNOWN"
}
}

18
2023/4xxx/CVE-2023-4805.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/4xxx/CVE-2023-4806.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4806",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/4xxx/CVE-2023-4807.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4807",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/4xxx/CVE-2023-4808.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4808",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}