admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-28 21:00:33 +00:00
parent 4b1be27f5d
commit c772031c81
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 430 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2023/0xxx/CVE-2023-0339.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass.This issue affects Access Management Web Policy Agent: through 5.10.1."
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1"
}
]
},
@ -41,7 +41,7 @@
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_name": "1.0.0",
"version_value": "5.10.1"
}
]

2
2023/0xxx/CVE-2023-0511.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass.This issue affects Access Management Java Policy Agent: from 1.0.0 through 5.10.1."
"value": "Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1"
}
]
},

101
2023/1xxx/CVE-2023-1099.json Normal file
View File

@ -0,0 +1,101 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-1099",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in SourceCodester Online Student Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file eduauth/edit-class-detail.php?editid=1. The manipulation of the argument editideditid leads to sql injection. The attack may be launched remotely. VDB-222002 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in SourceCodester Online Student Management System 1.0 ausgemacht. Dies betrifft einen unbekannten Teil der Datei eduauth/edit-class-detail.php?editid=1. Dank der Manipulation des Arguments editideditid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Student Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.222002",
"refsource": "MISC",
"name": "https://vuldb.com/?id.222002"
},
{
"url": "https://vuldb.com/?ctiid.222002",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.222002"
}
]
},
"credits": [
{
"lang": "en",
"value": "0chen (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

106
2023/1xxx/CVE-2023-1100.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-1100",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical has been found in SourceCodester Online Catering Reservation System 1.0. This affects an unknown part of the file /reservation/add_message.php of the component POST Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222003."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in SourceCodester Online Catering Reservation System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /reservation/add_message.php der Komponente POST Parameter Handler. Dank Manipulation des Arguments fullname mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Catering Reservation System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.222003",
"refsource": "MISC",
"name": "https://vuldb.com/?id.222003"
},
{
"url": "https://vuldb.com/?ctiid.222003",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.222003"
},
{
"url": "https://github.com/jackswordsz/bug_report/blob/main/vendors/emoblazz/Online%20Catering%20Reservation%20System/SQLi-1.md",
"refsource": "MISC",
"name": "https://github.com/jackswordsz/bug_report/blob/main/vendors/emoblazz/Online%20Catering%20Reservation%20System/SQLi-1.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "jackswordsz (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

61
2023/22xxx/CVE-2023-22996.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-22996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2"
},
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/4b41a9d0fe3db5f91078a380f62f0572c3ecf2dd",
"url": "https://github.com/torvalds/linux/commit/4b41a9d0fe3db5f91078a380f62f0572c3ecf2dd"
}
]
}

61
2023/22xxx/CVE-2023-22997.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22997",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-22997",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/45af1d7aae7d5520d2858f8517a1342646f015db",
"url": "https://github.com/torvalds/linux/commit/45af1d7aae7d5520d2858f8517a1342646f015db"
},
{
"refsource": "MISC",
"name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2",
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.2"
}
]
}

61
2023/22xxx/CVE-2023-22998.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22998",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-22998",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/c24968734abfed81c8f93dc5f44a7b7a9aecadfa",
"url": "https://github.com/torvalds/linux/commit/c24968734abfed81c8f93dc5f44a7b7a9aecadfa"
},
{
"refsource": "MISC",
"name": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3",
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.0.3"
}
]
}

61
2023/22xxx/CVE-2023-22999.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-22999",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-22999",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3",
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.3"
},
{
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/b52fe2dbb3e655eb1483000adfab68a219549e13",
"url": "https://github.com/torvalds/linux/commit/b52fe2dbb3e655eb1483000adfab68a219549e13"
}
]
}