mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
d7d11d1d43
commit
d9518f7175
@ -212,11 +212,7 @@
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "BB)"
|
||||
"version_value": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
|
||||
@ -1,17 +1,476 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33273",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "product-security@qualcomm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Qualcomm, Inc.",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Snapdragon",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "AQT1000"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "AR8035"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6200"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6800"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6900"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 7800"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QAM8295P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6174A"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6310"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6335"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6391"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6420"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6421"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6426"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6430"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6431"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6436"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6564A"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6564AU"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6574"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6574A"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6574AU"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6595"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6595AU"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6696"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA8081"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA8337"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA9377"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QSM8350"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Robotics RB3 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6145P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6155"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6155P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8150P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8155"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8155P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8295P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8540P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA9000P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD 675"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD 8 Gen1 5G"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD 8CX"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD670"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD675"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD855"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD865 5G"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SDX55"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SDX57M"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM7250P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 670 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 675 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 678 Mobile Platform (SM6150-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8 Gen 1 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 845 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 850 Mobile Compute Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 855 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 865 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 888 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon AR2 Gen 1 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X24 LTE Modem"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X50 5G Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X55 5G Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X65 5G Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon XR2 5G Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SSG2115P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SSG2125P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SXR1230P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SXR2130"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SXR2230P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Vision Intelligence 300 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Vision Intelligence 400 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9326"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9340"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9341"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9370"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9375"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9380"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9385"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3950"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3980"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3990"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8810"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8815"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8830"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8832"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8835"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.3,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "CHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,836 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-40504",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "product-security@qualcomm.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Qualcomm, Inc.",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Snapdragon",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "315 5G IoT Modem"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "APQ8017"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "AQT1000"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "AR8035"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "CSRA6620"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "CSRA6640"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "CSRB31024"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6200"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6700"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6800"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 6900"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FastConnect 7800"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "FSM10055"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6174A"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6310"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6335"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6391"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6420"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6421"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6426"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6430"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6431"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6436"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6564AU"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6574A"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6574AU"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6595AU"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6696"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA6698AQ"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA8081"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA8337"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCA9377"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCM2290"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCM4290"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCM4325"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCM4490"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCM6125"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCM6490"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCN6024"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCN9024"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS2290"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS410"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS4290"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS4490"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS610"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS6125"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "QCS6490"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Qualcomm 205 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Qualcomm 215 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Robotics RB3 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6145P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6150P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6155"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA6155P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8145P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8150P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8155"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8155P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SA8195P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SC8180X+SDX55"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD 455"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD 675"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD460"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD626"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD660"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD662"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD670"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD675"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD730"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD855"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD865 5G"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SD888"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SDX55"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SDX57M"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SG4150P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM4450"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM6250"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM6250P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM7250P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM7315"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SM7325P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Smart Audio 400 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Smart Display 200 Platform (APQ5053-AA)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 210 Processor"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 212 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 4 Gen 1 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 425 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 427 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 429 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 435 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 439 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 450 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 460 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 480 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 480+ 5G Mobile Platform (SM4350-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 625 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 626 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 630 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 632 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 636 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 660 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 662 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 665 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 670 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 675 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 678 Mobile Platform (SM6150-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 680 4G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 685 4G Mobile Platform (SM6225-AD)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 690 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 695 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 710 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 712 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 720G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 730 Mobile Platform (SM7150-AA)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 730G Mobile Platform (SM7150-AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 732G Mobile Platform (SM7150-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 750G 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 765 5G Mobile Platform (SM7250-AA)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 765G 5G Mobile Platform (SM7250-AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 768G 5G Mobile Platform (SM7250-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 778G 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 780G 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 782G Mobile Platform (SM7325-AF)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 7c Compute Platform (SC7180-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) \"Rennell Pro\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 7c+ Gen 3 Compute"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8 Gen 1 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8+ Gen 1 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 845 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 850 Mobile Compute Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 855 Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 855+/860 Mobile Platform (SM8150-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 865 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 865+ 5G Mobile Platform (SM8250-AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 870 5G Mobile Platform (SM8250-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 888 5G Mobile Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 888+ 5G Mobile Platform (SM8350-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8c Compute Platform (SC8180X-AD) \"Poipu Lite\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8c Compute Platform (SC8180XP-AD) \"Poipu Lite\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Compute Platform (SC8180X-AA, AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) \"Poipu Pro\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) \"Poipu Pro\""
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon Auto 5G Modem-RF"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon W5+ Gen 1 Wearable Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X20 LTE Modem"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X24 LTE Modem"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X50 5G Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X55 5G Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X65 5G Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon X70 Modem-RF System"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon XR1 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon XR2 5G Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Snapdragon Auto 4G Modem"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SW5100"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SW5100P"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SXR1120"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "SXR2130"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Vision Intelligence 100 Platform (APQ8053-AA)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Vision Intelligence 200 Platform (APQ8053-AC)"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Vision Intelligence 300 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "Vision Intelligence 400 Platform"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9326"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9335"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9340"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9341"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9360"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9370"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9371"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9375"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9380"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCD9385"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3610"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3615"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3660"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3660B"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3680"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3680B"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3910"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3950"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3980"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3988"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN3990"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WCN6740"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8810"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8815"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8830"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8832"
|
||||
},
|
||||
{
|
||||
"version_affected": "=",
|
||||
"version_value": "WSA8835"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin"
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
{
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-0891",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The StagTools WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "StagTools",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "2.3.7"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/72397fee-9768-462b-933c-400181a5487c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/72397fee-9768-462b-933c-400181a5487c"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "xplo1t"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,89 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-0924",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The ZYREX POPUP WordPress plugin through 1.0 does not validate the type of files uploaded when creating a popup, allowing a high privileged user (such as an Administrator) to upload arbitrary files, even when modifying the file system is disallowed, such as in a multisite install."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "ZYREX POPUP",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"status": "affected",
|
||||
"versionType": "custom",
|
||||
"version": "0",
|
||||
"lessThanOrEqual": "1.0"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/0fd0d7a5-9263-43b6-9244-7880c3d3e6f4",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/0fd0d7a5-9263-43b6-9244-7880c3d3e6f4"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Yogesh Verma"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,89 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1021",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "amr ical events lists",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"status": "affected",
|
||||
"versionType": "custom",
|
||||
"version": "0",
|
||||
"lessThanOrEqual": "6.6"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/91d04f96-11b2-46dc-860c-dc6c26360bf3",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/91d04f96-11b2-46dc-860c-dc6c26360bf3"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Shreya Pohekar"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,85 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1090",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The SMTP Mailing Queue WordPress plugin before 2.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SMTP Mailing Queue",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "2.0.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/d470dd6c-dcac-4a3e-b42a-2489a31aca45",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/d470dd6c-dcac-4a3e-b42a-2489a31aca45"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/youki992/youki992.github.io/blob/master/others/apply.md",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/youki992/youki992.github.io/blob/master/others/apply.md"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "jidle"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1125",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Ruby Help Desk",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "1.3.4"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/e8a4b6ab-47f8-495d-a22c-dcf914dfb58c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/e8a4b6ab-47f8-495d-a22c-dcf914dfb58c"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Ameen Alkurdy"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1525",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Site Reviews WordPress plugin before 6.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Site Reviews",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "6.7.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/4ae6bf90-b100-4bb5-bdd7-8acdbd950596",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/4ae6bf90-b100-4bb5-bdd7-8acdbd950596"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Shreya Pohekar"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1546",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "MyCryptoCheckout",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "2.124"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/bb065397-370f-4ee1-a2c8-20e4dc4415a0",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/bb065397-370f-4ee1-a2c8-20e4dc4415a0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Pablo Sanchez"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1554",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Quick Paypal Payments",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "5.7.26.4"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/0d247a3d-154e-4da7-a147-c1c7e1b5e87e",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/0d247a3d-154e-4da7-a147-c1c7e1b5e87e"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Pablo Sanchez"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1614",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The WP Custom Author URL WordPress plugin before 1.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "WP Custom Author URL",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "1.0.5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/56abd1e2-0ea9-47f7-9a1b-2093ac15d39c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/56abd1e2-0ea9-47f7-9a1b-2093ac15d39c"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Shreya Pohekar"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1669",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-502 Deserialization of Untrusted Data"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SEOPress",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "6.5.0.3"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/fb8791f5-2879-431e-9afc-06d5839e4b9d",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/fb8791f5-2879-431e-9afc-06d5839e4b9d"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Nguyen Huu Do"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1730",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-89 SQL Injection"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "SupportCandy",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "3.1.5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/44b51a56-ff05-4d50-9327-fc9bab74d4b7",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/44b51a56-ff05-4d50-9327-fc9bab74d4b7"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "dc11"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1804",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Product Catalog Feed by PixelYourSite",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "2.1.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/55b28fa6-a54f-4365-9d59-f9e331c1e11b",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/55b28fa6-a54f-4365-9d59-f9e331c1e11b"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Maurice Fielenbach"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1805",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Product Catalog Feed by PixelYourSite",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "2.1.1"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/46b4582f-7651-4b74-a00b-1788587ecfa8",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/46b4582f-7651-4b74-a00b-1788587ecfa8"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Erwan LR (WPScan)"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1809",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files."
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200 Information Exposure"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Download Manager",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "6.0.0",
|
||||
"version_value": "6.3.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/57f0a078-fbeb-4b05-8892-e6d99edb82c1",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/57f0a078-fbeb-4b05-8892-e6d99edb82c1"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Johan Kragt"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,89 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1861",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-79 Cross-Site Scripting (XSS)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Limit Login Attempts",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "not down converted",
|
||||
"x_cve_json_5_version_data": {
|
||||
"versions": [
|
||||
{
|
||||
"status": "affected",
|
||||
"versionType": "custom",
|
||||
"version": "0",
|
||||
"lessThanOrEqual": "1.7.2"
|
||||
}
|
||||
],
|
||||
"defaultStatus": "affected"
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/461cbcca-aed7-4c92-ba35-ebabf4fcd810",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/461cbcca-aed7-4c92-ba35-ebabf4fcd810"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Marc Montpas"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
@ -1,18 +1,80 @@
|
||||
{
|
||||
"data_version": "4.0",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2023-1911",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-639 Authorization Bypass Through User-Controlled Key"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Blocksy Companion",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "0",
|
||||
"version_value": "1.8.82"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/e7c52af0-b210-4e7d-a5e0-ee0645ddc08c",
|
||||
"refsource": "MISC",
|
||||
"name": "https://wpscan.com/vulnerability/e7c52af0-b210-4e7d-a5e0-ee0645ddc08c"
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "WPScan CVE Generator"
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
},
|
||||
"credits": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Erwan LR (WPScan)"
|
||||
},
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "WPScan"
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user