admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-08 03:27:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-09-18 13:00:34 +00:00
parent f8be6dee72
commit c79fe69f93
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 215 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/44xxx/CVE-2021-44226.json
View File

@ -81,6 +81,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.html"
},
{
"refsource": "FULLDISC",
"name": "20230918 [SYSS-2023-002] Razer Synapse - Local Privilege Escalation",
"url": "http://seclists.org/fulldisclosure/2023/Sep/6"
}
]
}

5
2022/47xxx/CVE-2022-47631.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-002.txt",
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-002.txt"
},
{
"refsource": "FULLDISC",
"name": "20230918 [SYSS-2023-002] Razer Synapse - Local Privilege Escalation",
"url": "http://seclists.org/fulldisclosure/2023/Sep/6"
}
]
}

5
2022/47xxx/CVE-2022-47632.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/170772/Razer-Synapse-3.7.0731.072516-Local-Privilege-Escalation.html"
},
{
"refsource": "FULLDISC",
"name": "20230918 [SYSS-2023-002] Razer Synapse - Local Privilege Escalation",
"url": "http://seclists.org/fulldisclosure/2023/Sep/6"
}
]
}

104
2023/32xxx/CVE-2023-32187.json
View File

@ -1,17 +1,113 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-32187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@suse.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Allocation of Resources Without Limits or Throttling vulnerability in SUSE k3s allows attackers with access to K3s servers' apiserver/supervisor port (TCP 6443) cause denial of service.\nThis issue affects k3s: from v1.24.0 before v1.24.17+k3s1, from v1.25.0 before v1.25.13+k3s1, from v1.26.0 before v1.26.8+k3s1, from sev1.27.0 before v1.27.5+k3s1, from v1.28.0 before v1.28.1+k3s1.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-770: Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SUSE",
"product": {
"product_data": [
{
"product_name": "k3s",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "v1.24.0",
"version_value": "v1.24.17+k3s1"
},
{
"version_affected": "<",
"version_name": "v1.25.0",
"version_value": "v1.25.13+k3s1"
},
{
"version_affected": "<",
"version_name": "v1.26.0",
"version_value": "v1.26.8+k3s1"
},
{
"version_affected": "<",
"version_name": "sev1.27.0",
"version_value": "v1.27.5+k3s1"
},
{
"version_affected": "<",
"version_name": "v1.28.0",
"version_value": "v1.28.1+k3s1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32187https://",
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32187https://"
},
{
"url": "https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2",
"refsource": "MISC",
"name": "https://github.com/k3s-io/k3s/security/advisories/GHSA-m4hf-6vgr-75r2"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
}

61
2023/34xxx/CVE-2023-34195.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-34195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-34195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in SystemFirmwareManagementRuntimeDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. The implementation of the GetImage method retrieves the value of a runtime variable named GetImageProgress, and later uses this value as a function pointer. This variable is wiped out by the same module near the end of the function. By setting this UEFI variable from the OS to point into custom code, an attacker could achieve arbitrary code execution in the DXE phase, before several chipset locks are set."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.insyde.com/security-pledge",
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge"
},
{
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge/SA-2023052",
"url": "https://www.insyde.com/security-pledge/SA-2023052"
}
]
}

15
2023/41xxx/CVE-2023-41064.json
View File

@ -90,6 +90,21 @@
"url": "https://support.apple.com/en-us/HT213906",
"refsource": "MISC",
"name": "https://support.apple.com/en-us/HT213906"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/9",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Sep/9"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/7",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Sep/7"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/8",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Sep/8"
}
]
}

5
2023/4xxx/CVE-2023-4296.json
View File

@ -89,6 +89,11 @@
"url": "https://codebeamer.com/cb/wiki/31346480",
"refsource": "MISC",
"name": "https://codebeamer.com/cb/wiki/31346480"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/10",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2023/Sep/10"
}
]
},

14
2023/4xxx/CVE-2023-4387.json
View File

@ -184,17 +184,17 @@
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
}
]

18
2023/5xxx/CVE-2023-5042.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5042",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}