admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-07-19 19:00:33 +00:00
parent 21c711b87f
commit c2c6e2a37c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
5 changed files with 429 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2023/33xxx/CVE-2023-33231.json
View File

@ -60,9 +60,9 @@
"name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33231"
},
{
"url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-3_release_notes.htm",
"url": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2-100_release_notes.htm",
"refsource": "MISC",
"name": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-3_release_notes.htm"
"name": "https://documentation.solarwinds.com/en/success_center/dpa/content/release_notes/dpa_2023-2-100_release_notes.htm"
}
]
},
@ -79,10 +79,10 @@
{
"base64": false,
"type": "text/html",
"value": "\n\nAll SolarWinds Database Performance Analyzer customers are advised to upgrade to the latest version of the SolarWinds Database Performance Analyzer version 2023.3<br>\n\n<br>"
"value": "\n\nAll SolarWinds Database Performance Analyzer customers are advised to upgrade to the latest version of the SolarWinds Database Performance Analyzer version 2023.2.100<br>\n\n<br>"
}
],
"value": "\nAll SolarWinds Database Performance Analyzer customers are advised to upgrade to the latest version of the SolarWinds Database Performance Analyzer version 2023.3\n\n\n\n"
"value": "\nAll SolarWinds Database Performance Analyzer customers are advised to upgrade to the latest version of the SolarWinds Database Performance Analyzer version 2023.2.100\n\n\n\n"
}
],
"credits": [

66
2023/37xxx/CVE-2023-37733.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-37733",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-37733",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://v40.com",
"refsource": "MISC",
"name": "http://v40.com"
},
{
"url": "https://github.com/TDuckCloud/tduck-platform",
"refsource": "MISC",
"name": "https://github.com/TDuckCloud/tduck-platform"
},
{
"url": "https://github.com/TDuckCloud/tduck-platform/issues/17",
"refsource": "MISC",
"name": "https://github.com/TDuckCloud/tduck-platform/issues/17"
}
]
}

116
2023/3xxx/CVE-2023-3466.json
View File

@ -1,17 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3466",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@citrix.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Reflected Cross-Site Scripting (XSS)\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Citrix",
"product": {
"product_data": [
{
"product_name": "NetScaler ADC\u202f",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.1",
"version_value": "49.13"
},
{
"version_affected": "<",
"version_name": "13.0",
"version_value": "91.13"
},
{
"version_affected": "<",
"version_name": "13.1-FIPS",
"version_value": "37.159"
},
{
"version_affected": "<",
"version_name": "12.1-FIPS ",
"version_value": "55.297"
},
{
"version_affected": "<",
"version_name": "12.1-NDcPP",
"version_value": "55.297"
}
]
}
},
{
"product_name": "NetScaler Gateway",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.1",
"version_value": "49.13"
},
{
"version_affected": "<",
"version_name": "13.0",
"version_value": "91.13"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467",
"refsource": "MISC",
"name": "https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}

116
2023/3xxx/CVE-2023-3467.json
View File

@ -1,17 +1,125 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3467",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@citrix.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Privilege Escalation to root administrator (nsroot)\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Citrix",
"product": {
"product_data": [
{
"product_name": "NetScaler ADC\u202f",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.1",
"version_value": "49.13"
},
{
"version_affected": "<",
"version_name": "13.0",
"version_value": "91.13"
},
{
"version_affected": "<",
"version_name": "13.1-FIPS",
"version_value": "37.159"
},
{
"version_affected": "<",
"version_name": "12.1-FIPS",
"version_value": "55.297"
},
{
"version_affected": "<",
"version_name": "12.1-NDcPP",
"version_value": "55.297"
}
]
}
},
{
"product_name": "NetScaler Gateway",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "13.1",
"version_value": "49.13"
},
{
"version_affected": "<",
"version_name": "13.0",
"version_value": "91.13"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467",
"refsource": "MISC",
"name": "https://support.citrix.com/article/CTX561482/citrix-adc-and-citrix-gateway-security-bulletin-for-cve20233519-cve20233466-cve20233467"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

145
2023/3xxx/CVE-2023-3674.json
View File

@ -1,17 +1,154 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-3674",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Mutable Attestation or Measurement Reporting Data",
"cweId": "CWE-1283"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "keylime",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "7.2.5",
"status": "unaffected"
},
{
"version": "7.3.0",
"status": "unaffected"
}
]
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
},
{
"vendor_name": "Fedora",
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3674",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2023-3674"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222903",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2222903"
},
{
"url": "https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db",
"refsource": "MISC",
"name": "https://github.com/keylime/keylime/commit/95ce3d86bd2c53009108ffda2dcf553312d733db"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Stefan Berger (IBM) for reporting this issue."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
]
}