admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-09-13 20:00:34 +00:00
parent 62d10d8ca8
commit d7f5f54cfd
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 230 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
2023/40xxx/CVE-2023-40850.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40850",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-40850",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/flyyue2001/cve/blob/main/NS-ASG-bak-leakage.md",
"refsource": "MISC",
"name": "https://github.com/flyyue2001/cve/blob/main/NS-ASG-bak-leakage.md"
}
]
}

101
2023/41xxx/CVE-2023-41892.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-41892",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-advisories@github.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94: Improper Control of Generation of Code ('Code Injection')",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "craftcms",
"product": {
"product_data": [
{
"product_name": "cms",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": ">= 4.0.0-RC1, <= 4.4.14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g",
"refsource": "MISC",
"name": "https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g"
},
{
"url": "https://github.com/craftcms/cms/commit/7359d18d46389ffac86c2af1e0cd59e37c298857",
"refsource": "MISC",
"name": "https://github.com/craftcms/cms/commit/7359d18d46389ffac86c2af1e0cd59e37c298857"
},
{
"url": "https://github.com/craftcms/cms/commit/a270b928f3d34ad3bd953b81c304424edd57355e",
"refsource": "MISC",
"name": "https://github.com/craftcms/cms/commit/a270b928f3d34ad3bd953b81c304424edd57355e"
},
{
"url": "https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1",
"refsource": "MISC",
"name": "https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1"
},
{
"url": "https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1#diff-47dd43d86f85161944dfcce2e41d31955c4184672d9bd9d82b948c6b01b86476",
"refsource": "MISC",
"name": "https://github.com/craftcms/cms/commit/c0a37e15cc925c473e60e27fe64054993b867ac1#diff-47dd43d86f85161944dfcce2e41d31955c4184672d9bd9d82b948c6b01b86476"
},
{
"url": "https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4415---2023-07-03-critical",
"refsource": "MISC",
"name": "https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#4415---2023-07-03-critical"
}
]
},
"source": {
"advisory": "GHSA-4w8r-3xrw-v25g",
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
}
]
}

71
2023/42xxx/CVE-2023-42468.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-42468",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-42468",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to initiate phone calls without user consent, because of improper export of the com.cutestudio.dialer.activities.DialerActivity component. A third-party application (without any permissions) can craft an intent targeting com.cutestudio.dialer.activities.DialerActivity via the android.intent.action.CALL action in conjunction with a tel: URI, thereby placing a phone call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/actuator/com.cutestudio.colordialer/blob/main/CWE-284.md",
"refsource": "MISC",
"name": "https://github.com/actuator/com.cutestudio.colordialer/blob/main/CWE-284.md"
},
{
"url": "https://github.com/actuator/com.cutestudio.colordialer/blob/main/dialerPOC.apk",
"refsource": "MISC",
"name": "https://github.com/actuator/com.cutestudio.colordialer/blob/main/dialerPOC.apk"
},
{
"url": "https://github.com/actuator/com.cutestudio.colordialer/blob/main/dial.gif",
"refsource": "MISC",
"name": "https://github.com/actuator/com.cutestudio.colordialer/blob/main/dial.gif"
},
{
"refsource": "MISC",
"name": "https://github.com/actuator/cve/blob/main/CVE-2023-42468",
"url": "https://github.com/actuator/cve/blob/main/CVE-2023-42468"
}
]
}

18
2023/4xxx/CVE-2023-4951.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-4951",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}