From fff64a65a0df7df2604c2cae1554896830ea6ae1 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 29 May 2024 03:00:50 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/21xxx/CVE-2023-21526.json | 12 +++ 2023/21xxx/CVE-2023-21528.json | 159 ++++++++++++++++++++++++++------- 2023/21xxx/CVE-2023-21529.json | 3 +- 2023/21xxx/CVE-2023-21553.json | 7 +- 2023/21xxx/CVE-2023-21564.json | 5 +- 2023/21xxx/CVE-2023-21566.json | 34 +++++-- 2023/21xxx/CVE-2023-21567.json | 58 ++++++++---- 2023/21xxx/CVE-2023-21568.json | 3 +- 2023/21xxx/CVE-2023-21570.json | 5 +- 2023/21xxx/CVE-2023-21571.json | 5 +- 2023/21xxx/CVE-2023-21572.json | 2 +- 2023/21xxx/CVE-2023-21573.json | 2 +- 2023/21xxx/CVE-2023-21684.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21685.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21686.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21687.json | 5 +- 2023/21xxx/CVE-2023-21688.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21689.json | 64 ++++++++++++- 2023/21xxx/CVE-2023-21690.json | 64 ++++++++++++- 2023/21xxx/CVE-2023-21691.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21692.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21693.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21694.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21695.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21697.json | 88 +++++++++++++++++- 2023/21xxx/CVE-2023-21699.json | 88 +++++++++++++++++- 2023/21xxx/CVE-2023-21700.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21701.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21702.json | 90 +++++++++++++++++-- 2023/21xxx/CVE-2023-21703.json | 5 +- 2023/21xxx/CVE-2023-21704.json | 101 ++++++++++++++++----- 2023/21xxx/CVE-2023-21705.json | 130 +++++++++++++++++++++------ 2023/21xxx/CVE-2023-21706.json | 3 +- 2023/21xxx/CVE-2023-21707.json | 3 +- 2023/21xxx/CVE-2023-21710.json | 3 +- 2023/21xxx/CVE-2023-21713.json | 130 +++++++++++++++++++++------ 2023/21xxx/CVE-2023-21756.json | 3 +- 2023/21xxx/CVE-2023-21777.json | 5 +- 2023/21xxx/CVE-2023-21778.json | 9 +- 2023/21xxx/CVE-2023-21794.json | 2 +- 2023/21xxx/CVE-2023-21806.json | 5 +- 2023/21xxx/CVE-2023-21807.json | 5 +- 2023/29xxx/CVE-2023-29347.json | 3 +- 2023/32xxx/CVE-2023-32033.json | 15 +++- 2023/32xxx/CVE-2023-32034.json | 15 +++- 2023/32xxx/CVE-2023-32035.json | 15 +++- 2023/32xxx/CVE-2023-32037.json | 3 +- 2023/32xxx/CVE-2023-32038.json | 15 +++- 2023/32xxx/CVE-2023-32039.json | 3 +- 2023/32xxx/CVE-2023-32040.json | 3 +- 2023/32xxx/CVE-2023-32041.json | 3 +- 2023/32xxx/CVE-2023-32042.json | 15 +++- 2023/32xxx/CVE-2023-32043.json | 15 +++- 2023/32xxx/CVE-2023-32044.json | 15 +++- 2023/32xxx/CVE-2023-32045.json | 15 +++- 2023/32xxx/CVE-2023-32046.json | 12 +++ 2023/32xxx/CVE-2023-32047.json | 3 +- 2023/32xxx/CVE-2023-32050.json | 15 +++- 2023/32xxx/CVE-2023-32051.json | 3 +- 2023/32xxx/CVE-2023-32052.json | 3 +- 2023/32xxx/CVE-2023-32053.json | 15 +++- 2023/32xxx/CVE-2023-32054.json | 15 +++- 2023/32xxx/CVE-2023-32055.json | 15 +++- 2023/32xxx/CVE-2023-32056.json | 3 +- 2023/32xxx/CVE-2023-32057.json | 17 +++- 2023/32xxx/CVE-2023-32083.json | 3 +- 2023/32xxx/CVE-2023-32084.json | 3 +- 2023/32xxx/CVE-2023-32085.json | 3 +- 2023/33xxx/CVE-2023-33127.json | 3 +- 2023/33xxx/CVE-2023-33134.json | 3 +- 2023/33xxx/CVE-2023-33148.json | 3 +- 2023/33xxx/CVE-2023-33149.json | 3 +- 2024/31xxx/CVE-2024-31158.json | 18 ++++ 2024/32xxx/CVE-2024-32940.json | 18 ++++ 2024/34xxx/CVE-2024-34165.json | 18 ++++ 2024/34xxx/CVE-2024-34545.json | 18 ++++ 2024/36xxx/CVE-2024-36261.json | 18 ++++ 2024/36xxx/CVE-2024-36276.json | 18 ++++ 2024/36xxx/CVE-2024-36291.json | 18 ++++ 2024/36xxx/CVE-2024-36297.json | 18 ++++ 2024/36xxx/CVE-2024-36483.json | 18 ++++ 2024/5xxx/CVE-2024-5150.json | 95 +++++++++++++++++++- 2024/5xxx/CVE-2024-5204.json | 80 ++++++++++++++++- 83 files changed, 2396 insertions(+), 286 deletions(-) create mode 100644 2024/31xxx/CVE-2024-31158.json create mode 100644 2024/32xxx/CVE-2024-32940.json create mode 100644 2024/34xxx/CVE-2024-34165.json create mode 100644 2024/34xxx/CVE-2024-34545.json create mode 100644 2024/36xxx/CVE-2024-36261.json create mode 100644 2024/36xxx/CVE-2024-36276.json create mode 100644 2024/36xxx/CVE-2024-36291.json create mode 100644 2024/36xxx/CVE-2024-36297.json create mode 100644 2024/36xxx/CVE-2024-36483.json diff --git a/2023/21xxx/CVE-2023-21526.json b/2023/21xxx/CVE-2023-21526.json index e6a66269338..3011335dcd6 100644 --- a/2023/21xxx/CVE-2023-21526.json +++ b/2023/21xxx/CVE-2023-21526.json @@ -226,6 +226,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/21xxx/CVE-2023-21528.json b/2023/21xxx/CVE-2023-21528.json index f855cbfd60b..b784e89fc29 100644 --- a/2023/21xxx/CVE-2023-21528.json +++ b/2023/21xxx/CVE-2023-21528.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -35,49 +36,103 @@ "product": { "product_data": [ { - "product_name": "Microsoft SQL Server", + "product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "version": { "version_data": [ { "version_affected": "<", "version_name": "13.0.0", "version_value": "13.0.7024.30" - }, - { - "version_affected": "<", - "version_name": "15.0.0", - "version_value": "15.0.2101.7" - }, - { - "version_affected": "<", - "version_name": "12.0.0", - "version_value": "12.0.6444.4" - }, - { - "version_affected": "<", - "version_name": "11.0.0", - "version_value": "11.0.7512.11" - }, - { - "version_affected": "<", - "version_name": "14.0.0", - "version_value": "14.0.2047.8" - }, - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.6814.4" - }, - { - "version_affected": "<", - "version_name": "16.0.0", - "version_value": "16.0.1050.5" } ] } }, { - "product_name": "Microsoft SQL Server 2017", + "product_name": "Microsoft SQL Server 2019 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.0.0", + "version_value": "15.0.2101.7" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.6430.49" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6444.4" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (CU 4)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6174.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2012 Service Pack 4 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "11.0.0", + "version_value": "11.0.7512.11" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2017 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "14.0.0", + "version_value": "14.0.2047.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "11.0.0", + "version_value": "11.0.7512.11" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2017 (CU 31)", "version": { "version_data": [ { @@ -89,7 +144,7 @@ } }, { - "product_name": "Microsoft SQL Server 2019", + "product_name": "Microsoft SQL Server 2019 (CU 18)", "version": { "version_data": [ { @@ -99,6 +154,42 @@ } ] } + }, + { + "product_name": "Microsoft SQL Server 2008 Service Pack 4 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.6814.4" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2008 R2 Service Pack 3 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.50.6785.2" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2022 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0", + "version_value": "16.0.1050.5" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21529.json b/2023/21xxx/CVE-2023-21529.json index 673bdaa59f6..f11a29213c1 100644 --- a/2023/21xxx/CVE-2023-21529.json +++ b/2023/21xxx/CVE-2023-21529.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/21xxx/CVE-2023-21553.json b/2023/21xxx/CVE-2023-21553.json index 9ae3116032e..cb8a2ad94de 100644 --- a/2023/21xxx/CVE-2023-21553.json +++ b/2023/21xxx/CVE-2023-21553.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-94: Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" } ] } @@ -35,12 +36,12 @@ "product": { "product_data": [ { - "product_name": "Azure DevOps Server", + "product_name": "Azure DevOps Server 2020.1.2", "version": { "version_data": [ { "version_affected": "<", - "version_name": "20230131.0", + "version_name": "2020.1.0", "version_value": "20230131.3" } ] diff --git a/2023/21xxx/CVE-2023-21564.json b/2023/21xxx/CVE-2023-21564.json index 2e1a6e992a0..00beab16fd9 100644 --- a/2023/21xxx/CVE-2023-21564.json +++ b/2023/21xxx/CVE-2023-21564.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -35,7 +36,7 @@ "product": { "product_data": [ { - "product_name": "Azure DevOps Server", + "product_name": "Azure DevOps Server 2022", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21566.json b/2023/21xxx/CVE-2023-21566.json index 2569f42a675..432dce7b994 100644 --- a/2023/21xxx/CVE-2023-21566.json +++ b/2023/21xxx/CVE-2023-21566.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-73: External Control of File Name or Path", + "cweId": "CWE-73" } ] } @@ -35,24 +36,45 @@ "product": { "product_data": [ { - "product_name": "Microsoft Visual Studio", + "product_name": "Microsoft Visual Studio 2022 version 17.2", "version": { "version_data": [ { "version_affected": "<", "version_name": "17.2.0", "version_value": "17.2.13" - }, + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "15.9.0", "version_value": "15.9.52" - }, + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2022 version 17.4", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "17.4.0", "version_value": "17.4.5" - }, + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2022 version 17.0", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "17.0.0", @@ -62,7 +84,7 @@ } }, { - "product_name": "Microsoft Visual Studio 2019", + "product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21567.json b/2023/21xxx/CVE-2023-21567.json index 311cc40070f..b07632b019d 100644 --- a/2023/21xxx/CVE-2023-21567.json +++ b/2023/21xxx/CVE-2023-21567.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } @@ -35,34 +36,31 @@ "product": { "product_data": [ { - "product_name": "Microsoft Visual Studio", + "product_name": "Microsoft Visual Studio 2022 version 17.2", "version": { "version_data": [ { "version_affected": "<", "version_name": "17.2.0", "version_value": "17.2.13" - }, - { - "version_affected": "<", - "version_name": "17.0.0", - "version_value": "17.0.19" - }, - { - "version_affected": "<", - "version_name": "15.9.0", - "version_value": "15.9.52" - }, - { - "version_affected": "<", - "version_name": "17.4.0", - "version_value": "17.4.5" } ] } }, { - "product_name": "Microsoft Visual Studio 2019", + "product_name": "Microsoft Visual Studio 2022 version 17.0", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.0.0", + "version_value": "17.0.19" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2019 version 16.11 (includes 16.0 - 16.10)", "version": { "version_data": [ { @@ -72,6 +70,30 @@ } ] } + }, + { + "product_name": "Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.9.0", + "version_value": "15.9.52" + } + ] + } + }, + { + "product_name": "Microsoft Visual Studio 2022 version 17.4", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.4.0", + "version_value": "17.4.5" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21568.json b/2023/21xxx/CVE-2023-21568.json index 5d8c6e99cbc..809f8a1e73a 100644 --- a/2023/21xxx/CVE-2023-21568.json +++ b/2023/21xxx/CVE-2023-21568.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/21xxx/CVE-2023-21570.json b/2023/21xxx/CVE-2023-21570.json index 1fd1f7b94e0..5b74ce868f6 100644 --- a/2023/21xxx/CVE-2023-21570.json +++ b/2023/21xxx/CVE-2023-21570.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -40,7 +41,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/21xxx/CVE-2023-21571.json b/2023/21xxx/CVE-2023-21571.json index a4f1a6e8501..142db03496e 100644 --- a/2023/21xxx/CVE-2023-21571.json +++ b/2023/21xxx/CVE-2023-21571.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -40,7 +41,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/21xxx/CVE-2023-21572.json b/2023/21xxx/CVE-2023-21572.json index bdf6d89e6a7..cc6329365ce 100644 --- a/2023/21xxx/CVE-2023-21572.json +++ b/2023/21xxx/CVE-2023-21572.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/21xxx/CVE-2023-21573.json b/2023/21xxx/CVE-2023-21573.json index 1db7a33bcdc..915e2f03a8a 100644 --- a/2023/21xxx/CVE-2023-21573.json +++ b/2023/21xxx/CVE-2023-21573.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/21xxx/CVE-2023-21684.json b/2023/21xxx/CVE-2023-21684.json index e4b772f02d4..87c02705c56 100644 --- a/2023/21xxx/CVE-2023-21684.json +++ b/2023/21xxx/CVE-2023-21684.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-191: Integer Underflow (Wrap or Wraparound)", + "cweId": "CWE-191" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21685.json b/2023/21xxx/CVE-2023-21685.json index d1a806d2f95..64a03736924 100644 --- a/2023/21xxx/CVE-2023-21685.json +++ b/2023/21xxx/CVE-2023-21685.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21686.json b/2023/21xxx/CVE-2023-21686.json index ee9f3b40661..2fe48592e64 100644 --- a/2023/21xxx/CVE-2023-21686.json +++ b/2023/21xxx/CVE-2023-21686.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21687.json b/2023/21xxx/CVE-2023-21687.json index c1621ed6679..dcdfbee5a10 100644 --- a/2023/21xxx/CVE-2023-21687.json +++ b/2023/21xxx/CVE-2023-21687.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -53,7 +54,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } diff --git a/2023/21xxx/CVE-2023-21688.json b/2023/21xxx/CVE-2023-21688.json index bcc6acaa49f..15315ede2e7 100644 --- a/2023/21xxx/CVE-2023-21688.json +++ b/2023/21xxx/CVE-2023-21688.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21689.json b/2023/21xxx/CVE-2023-21689.json index 375fb8eefac..fcb7fb80390 100644 --- a/2023/21xxx/CVE-2023-21689.json +++ b/2023/21xxx/CVE-2023-21689.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,14 +180,33 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -195,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -206,6 +250,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21690.json b/2023/21xxx/CVE-2023-21690.json index 5f2160e03be..13e110e75c0 100644 --- a/2023/21xxx/CVE-2023-21690.json +++ b/2023/21xxx/CVE-2023-21690.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,14 +180,33 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -195,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -206,6 +250,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21691.json b/2023/21xxx/CVE-2023-21691.json index 3de7ee4b850..24fd6f43fab 100644 --- a/2023/21xxx/CVE-2023-21691.json +++ b/2023/21xxx/CVE-2023-21691.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21692.json b/2023/21xxx/CVE-2023-21692.json index 01fb5d1ae7e..91a85c4db28 100644 --- a/2023/21xxx/CVE-2023-21692.json +++ b/2023/21xxx/CVE-2023-21692.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21693.json b/2023/21xxx/CVE-2023-21693.json index 04026e1155a..a20aa023369 100644 --- a/2023/21xxx/CVE-2023-21693.json +++ b/2023/21xxx/CVE-2023-21693.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21694.json b/2023/21xxx/CVE-2023-21694.json index 4bf57713b3a..3b9c94500d5 100644 --- a/2023/21xxx/CVE-2023-21694.json +++ b/2023/21xxx/CVE-2023-21694.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21695.json b/2023/21xxx/CVE-2023-21695.json index df75eb7a995..2679dcb4e83 100644 --- a/2023/21xxx/CVE-2023-21695.json +++ b/2023/21xxx/CVE-2023-21695.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21697.json b/2023/21xxx/CVE-2023-21697.json index ba67ee8cd62..3c744601345 100644 --- a/2023/21xxx/CVE-2023-21697.json +++ b/2023/21xxx/CVE-2023-21697.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-126: Buffer Over-read", + "cweId": "CWE-126" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows 10 Version 20H2", "version": { @@ -131,7 +144,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -143,14 +168,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -171,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -182,6 +250,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21699.json b/2023/21xxx/CVE-2023-21699.json index d89a4a60ed0..c3c6d56c2bd 100644 --- a/2023/21xxx/CVE-2023-21699.json +++ b/2023/21xxx/CVE-2023-21699.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows 10 Version 20H2", "version": { @@ -131,7 +144,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -143,14 +168,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -171,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -182,6 +250,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21700.json b/2023/21xxx/CVE-2023-21700.json index 4448929af4b..b34f8eee895 100644 --- a/2023/21xxx/CVE-2023-21700.json +++ b/2023/21xxx/CVE-2023-21700.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-476: NULL Pointer Dereference", + "cweId": "CWE-476" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21701.json b/2023/21xxx/CVE-2023-21701.json index db4b83e71b9..36b966c7422 100644 --- a/2023/21xxx/CVE-2023-21701.json +++ b/2023/21xxx/CVE-2023-21701.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-126: Buffer Over-read", + "cweId": "CWE-126" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21702.json b/2023/21xxx/CVE-2023-21702.json index f74d2a537be..e86dc54b2ba 100644 --- a/2023/21xxx/CVE-2023-21702.json +++ b/2023/21xxx/CVE-2023-21702.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -58,6 +59,18 @@ ] } }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.17763.4010" + } + ] + } + }, { "product_name": "Windows Server 2022", "version": { @@ -89,7 +102,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22000.1574" + "version_value": "10.0.22621.1574" } ] } @@ -167,7 +180,19 @@ } }, { - "product_name": "Windows Server 2008", + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0", + "version_value": "10.0.14393.5717" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", "version": { "version_data": [ { @@ -179,14 +204,45 @@ } }, { - "product_name": "Windows Server 2008 R2", + "product_name": "Windows Server 2008 Service Pack 2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 Service Pack 2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.0.6003.21915" + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1", "version": { "version_data": [ { "version_affected": "<", "version_name": "6.1.0", "version_value": "6.1.7601.26366" - }, + } + ] + } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ { "version_affected": "<", "version_name": "6.0.0", @@ -207,6 +263,18 @@ ] } }, + { + "product_name": "Windows Server 2012 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.2.0", + "version_value": "6.2.9200.24116" + } + ] + } + }, { "product_name": "Windows Server 2012 R2", "version": { @@ -218,6 +286,18 @@ } ] } + }, + { + "product_name": "Windows Server 2012 R2 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.3.0", + "version_value": "6.3.9600.20821" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21703.json b/2023/21xxx/CVE-2023-21703.json index e46d8327608..9c4589f0b42 100644 --- a/2023/21xxx/CVE-2023-21703.json +++ b/2023/21xxx/CVE-2023-21703.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } @@ -35,7 +36,7 @@ "product": { "product_data": [ { - "product_name": "Azure Data Box", + "product_name": "Azure Data Box Gateway", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21704.json b/2023/21xxx/CVE-2023-21704.json index 1406ccbf771..2614397f8fa 100644 --- a/2023/21xxx/CVE-2023-21704.json +++ b/2023/21xxx/CVE-2023-21704.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } @@ -35,39 +36,79 @@ "product": { "product_data": [ { - "product_name": "Microsoft SQL Server", + "product_name": "Microsoft SQL Server 2017 (GDR)", "version": { "version_data": [ { "version_affected": "<", "version_name": "14.0.0", "version_value": "14.0.2047.8" - }, - { - "version_affected": "<", - "version_name": "12.0.0", - "version_value": "12.0.6444.4" - }, - { - "version_affected": "<", - "version_name": "15.0.0", - "version_value": "15.0.2101.7" - }, - { - "version_affected": "<", - "version_name": "13.0.0", - "version_value": "13.0.6430.49" - }, - { - "version_affected": "<", - "version_name": "16.0.0", - "version_value": "16.0.1050.5" } ] } }, { - "product_name": "Microsoft SQL Server 2019", + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6444.4" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (CU 4)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6174.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.0.0", + "version_value": "15.0.2101.7" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.6430.49" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.7024.30" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019 (CU 18)", "version": { "version_data": [ { @@ -79,7 +120,7 @@ } }, { - "product_name": "Microsoft SQL Server 2017", + "product_name": "Microsoft SQL Server 2017 (CU 31)", "version": { "version_data": [ { @@ -89,6 +130,18 @@ } ] } + }, + { + "product_name": "Microsoft SQL Server 2022 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0", + "version_value": "16.0.1050.5" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21705.json b/2023/21xxx/CVE-2023-21705.json index 21acb79c721..35c34053e04 100644 --- a/2023/21xxx/CVE-2023-21705.json +++ b/2023/21xxx/CVE-2023-21705.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-321: Use of Hard-coded Cryptographic Key", + "cweId": "CWE-321" } ] } @@ -35,44 +36,103 @@ "product": { "product_data": [ { - "product_name": "Microsoft SQL Server", + "product_name": "Microsoft SQL Server 2012 Service Pack 4 (QFE)", "version": { "version_data": [ { "version_affected": "<", "version_name": "11.0.0", "version_value": "11.0.7512.11" - }, - { - "version_affected": "<", - "version_name": "14.0.0", - "version_value": "14.0.2047.8" - }, - { - "version_affected": "<", - "version_name": "12.0.0", - "version_value": "12.0.6444.4" - }, - { - "version_affected": "<", - "version_name": "15.0.0", - "version_value": "15.0.2101.7" - }, - { - "version_affected": "<", - "version_name": "13.0.0", - "version_value": "13.0.6430.49" - }, - { - "version_affected": "<", - "version_name": "16.0.0", - "version_value": "16.0.1050.5" } ] } }, { - "product_name": "Microsoft SQL Server 2017", + "product_name": "Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "11.0.0", + "version_value": "11.0.7512.11" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2017 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "14.0.0", + "version_value": "14.0.2047.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6444.4" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (CU 4)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6174.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.0.0", + "version_value": "15.0.2101.7" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.6430.49" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.7024.30" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2017 (CU 31)", "version": { "version_data": [ { @@ -84,7 +144,19 @@ } }, { - "product_name": "Microsoft SQL Server 2019", + "product_name": "Microsoft SQL Server 2022 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0", + "version_value": "16.0.1050.5" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019 (CU 18)", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21706.json b/2023/21xxx/CVE-2023-21706.json index d15548e3440..47e9992192b 100644 --- a/2023/21xxx/CVE-2023-21706.json +++ b/2023/21xxx/CVE-2023-21706.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/21xxx/CVE-2023-21707.json b/2023/21xxx/CVE-2023-21707.json index 23da0f48751..43b81d1f3a6 100644 --- a/2023/21xxx/CVE-2023-21707.json +++ b/2023/21xxx/CVE-2023-21707.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/21xxx/CVE-2023-21710.json b/2023/21xxx/CVE-2023-21710.json index 8523c751496..780bc77ab36 100644 --- a/2023/21xxx/CVE-2023-21710.json +++ b/2023/21xxx/CVE-2023-21710.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/21xxx/CVE-2023-21713.json b/2023/21xxx/CVE-2023-21713.json index 08397d98641..25c96333441 100644 --- a/2023/21xxx/CVE-2023-21713.json +++ b/2023/21xxx/CVE-2023-21713.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } @@ -35,44 +36,103 @@ "product": { "product_data": [ { - "product_name": "Microsoft SQL Server", + "product_name": "Microsoft SQL Server 2016 Service Pack 3 Azure Connect Feature Pack", "version": { "version_data": [ { "version_affected": "<", "version_name": "13.0.0", "version_value": "13.0.7024.30" - }, - { - "version_affected": "<", - "version_name": "12.0.0", - "version_value": "12.0.6174.8" - }, - { - "version_affected": "<", - "version_name": "15.0.0", - "version_value": "15.0.2101.7" - }, - { - "version_affected": "<", - "version_name": "11.0.0", - "version_value": "11.0.7512.11" - }, - { - "version_affected": "<", - "version_name": "14.0.0", - "version_value": "14.0.2047.8" - }, - { - "version_affected": "<", - "version_name": "16.0.0", - "version_value": "16.0.1050.5" } ] } }, { - "product_name": "Microsoft SQL Server 2019", + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (CU 4)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6174.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2014 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.0.0", + "version_value": "12.0.6444.4" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.0.0", + "version_value": "15.0.2101.7" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2016 Service Pack 3 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "13.0.0", + "version_value": "13.0.6430.49" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2012 Service Pack 4 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "11.0.0", + "version_value": "11.0.7512.11" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "11.0.0", + "version_value": "11.0.7512.11" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2017 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "14.0.0", + "version_value": "14.0.2047.8" + } + ] + } + }, + { + "product_name": "Microsoft SQL Server 2019 (CU 18)", "version": { "version_data": [ { @@ -84,7 +144,7 @@ } }, { - "product_name": "Microsoft SQL Server 2017", + "product_name": "Microsoft SQL Server 2017 (CU 31)", "version": { "version_data": [ { @@ -94,6 +154,18 @@ } ] } + }, + { + "product_name": "Microsoft SQL Server 2022 (GDR)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "16.0.0", + "version_value": "16.0.1050.5" + } + ] + } } ] } diff --git a/2023/21xxx/CVE-2023-21756.json b/2023/21xxx/CVE-2023-21756.json index 601f1c0b1b1..ffd44b2e5c4 100644 --- a/2023/21xxx/CVE-2023-21756.json +++ b/2023/21xxx/CVE-2023-21756.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } diff --git a/2023/21xxx/CVE-2023-21777.json b/2023/21xxx/CVE-2023-21777.json index d062b9dea41..1fc7c8c7bc3 100644 --- a/2023/21xxx/CVE-2023-21777.json +++ b/2023/21xxx/CVE-2023-21777.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" } ] } @@ -35,7 +36,7 @@ "product": { "product_data": [ { - "product_name": "Azure Stack", + "product_name": "Azure App Service on Azure Stack Hub", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21778.json b/2023/21xxx/CVE-2023-21778.json index e7ce0baa411..fa9ce35682a 100644 --- a/2023/21xxx/CVE-2023-21778.json +++ b/2023/21xxx/CVE-2023-21778.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')", + "cweId": "CWE-77" } ] } @@ -35,7 +36,7 @@ "product": { "product_data": [ { - "product_name": "Microsoft Dynamics 365", + "product_name": "Microsoft Dynamics 365 Unified Service Desk", "version": { "version_data": [ { @@ -66,8 +67,8 @@ { "version": "3.1", "baseSeverity": "HIGH", - "baseScore": 8.3, - "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" + "baseScore": 8, + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } ] } diff --git a/2023/21xxx/CVE-2023-21794.json b/2023/21xxx/CVE-2023-21794.json index 75479f5d6e9..937683e5fb3 100644 --- a/2023/21xxx/CVE-2023-21794.json +++ b/2023/21xxx/CVE-2023-21794.json @@ -35,7 +35,7 @@ "product": { "product_data": [ { - "product_name": "Microsoft Edge", + "product_name": "Microsoft Edge (Chromium-based)", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21806.json b/2023/21xxx/CVE-2023-21806.json index 0b13bb9c14b..a6c12ee5374 100644 --- a/2023/21xxx/CVE-2023-21806.json +++ b/2023/21xxx/CVE-2023-21806.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -35,7 +36,7 @@ "product": { "product_data": [ { - "product_name": "Power BI Report Server", + "product_name": "Power BI Report Server - January 2023", "version": { "version_data": [ { diff --git a/2023/21xxx/CVE-2023-21807.json b/2023/21xxx/CVE-2023-21807.json index 89925608150..a5e30027b32 100644 --- a/2023/21xxx/CVE-2023-21807.json +++ b/2023/21xxx/CVE-2023-21807.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } @@ -40,7 +41,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.16.20" } ] diff --git a/2023/29xxx/CVE-2023-29347.json b/2023/29xxx/CVE-2023-29347.json index 206ab970fc2..2637ea200b6 100644 --- a/2023/29xxx/CVE-2023-29347.json +++ b/2023/29xxx/CVE-2023-29347.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } diff --git a/2023/32xxx/CVE-2023-32033.json b/2023/32xxx/CVE-2023-32033.json index 4689c5ca37a..3db90163cd0 100644 --- a/2023/32xxx/CVE-2023-32033.json +++ b/2023/32xxx/CVE-2023-32033.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -142,6 +143,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32034.json b/2023/32xxx/CVE-2023-32034.json index 30cc85a9392..c5179938c77 100644 --- a/2023/32xxx/CVE-2023-32034.json +++ b/2023/32xxx/CVE-2023-32034.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32035.json b/2023/32xxx/CVE-2023-32035.json index 49589d59cff..c454482d5c9 100644 --- a/2023/32xxx/CVE-2023-32035.json +++ b/2023/32xxx/CVE-2023-32035.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32037.json b/2023/32xxx/CVE-2023-32037.json index dee0f645cd4..1533f906978 100644 --- a/2023/32xxx/CVE-2023-32037.json +++ b/2023/32xxx/CVE-2023-32037.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } diff --git a/2023/32xxx/CVE-2023-32038.json b/2023/32xxx/CVE-2023-32038.json index 21a34b55108..f170e80d1cd 100644 --- a/2023/32xxx/CVE-2023-32038.json +++ b/2023/32xxx/CVE-2023-32038.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32039.json b/2023/32xxx/CVE-2023-32039.json index ceaf6bdca15..38d7ee9c6b6 100644 --- a/2023/32xxx/CVE-2023-32039.json +++ b/2023/32xxx/CVE-2023-32039.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } diff --git a/2023/32xxx/CVE-2023-32040.json b/2023/32xxx/CVE-2023-32040.json index 82f74150cc2..a08d2e1d3c6 100644 --- a/2023/32xxx/CVE-2023-32040.json +++ b/2023/32xxx/CVE-2023-32040.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-822: Untrusted Pointer Dereference", + "cweId": "CWE-822" } ] } diff --git a/2023/32xxx/CVE-2023-32041.json b/2023/32xxx/CVE-2023-32041.json index 3a1e694336f..162cc758f9d 100644 --- a/2023/32xxx/CVE-2023-32041.json +++ b/2023/32xxx/CVE-2023-32041.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-908: Use of Uninitialized Resource", + "cweId": "CWE-908" } ] } diff --git a/2023/32xxx/CVE-2023-32042.json b/2023/32xxx/CVE-2023-32042.json index ffcc21cab0d..0cb4953631f 100644 --- a/2023/32xxx/CVE-2023-32042.json +++ b/2023/32xxx/CVE-2023-32042.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-908: Use of Uninitialized Resource", + "cweId": "CWE-908" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32043.json b/2023/32xxx/CVE-2023-32043.json index 20f24241e8d..b7f6e2e6e73 100644 --- a/2023/32xxx/CVE-2023-32043.json +++ b/2023/32xxx/CVE-2023-32043.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Security Feature Bypass" + "value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm", + "cweId": "CWE-327" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32044.json b/2023/32xxx/CVE-2023-32044.json index 83484cc9132..62f32eec3d1 100644 --- a/2023/32xxx/CVE-2023-32044.json +++ b/2023/32xxx/CVE-2023-32044.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32045.json b/2023/32xxx/CVE-2023-32045.json index 0ac0a7c13ed..7d5464f7055 100644 --- a/2023/32xxx/CVE-2023-32045.json +++ b/2023/32xxx/CVE-2023-32045.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-125: Out-of-bounds Read", + "cweId": "CWE-125" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32046.json b/2023/32xxx/CVE-2023-32046.json index 198eb417d6c..d5aaa75fd6b 100644 --- a/2023/32xxx/CVE-2023-32046.json +++ b/2023/32xxx/CVE-2023-32046.json @@ -226,6 +226,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32047.json b/2023/32xxx/CVE-2023-32047.json index 261442e4a1b..0c5541fd248 100644 --- a/2023/32xxx/CVE-2023-32047.json +++ b/2023/32xxx/CVE-2023-32047.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } diff --git a/2023/32xxx/CVE-2023-32050.json b/2023/32xxx/CVE-2023-32050.json index 15eab0aa5d8..f2d4d94d1f5 100644 --- a/2023/32xxx/CVE-2023-32050.json +++ b/2023/32xxx/CVE-2023-32050.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } @@ -81,6 +82,18 @@ } ] } + }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } } ] } diff --git a/2023/32xxx/CVE-2023-32051.json b/2023/32xxx/CVE-2023-32051.json index 2cad9b5e777..ff12e1427b5 100644 --- a/2023/32xxx/CVE-2023-32051.json +++ b/2023/32xxx/CVE-2023-32051.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-190: Integer Overflow or Wraparound", + "cweId": "CWE-190" } ] } diff --git a/2023/32xxx/CVE-2023-32052.json b/2023/32xxx/CVE-2023-32052.json index 053e306a836..b352863b5e7 100644 --- a/2023/32xxx/CVE-2023-32052.json +++ b/2023/32xxx/CVE-2023-32052.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Spoofing" + "value": "CWE-918: Server-Side Request Forgery (SSRF)", + "cweId": "CWE-918" } ] } diff --git a/2023/32xxx/CVE-2023-32053.json b/2023/32xxx/CVE-2023-32053.json index 8465f0be9fb..9c3e44ee1fc 100644 --- a/2023/32xxx/CVE-2023-32053.json +++ b/2023/32xxx/CVE-2023-32053.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } @@ -190,6 +191,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32054.json b/2023/32xxx/CVE-2023-32054.json index 37dfb3e3892..c589f16a613 100644 --- a/2023/32xxx/CVE-2023-32054.json +++ b/2023/32xxx/CVE-2023-32054.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-36: Absolute Path Traversal", + "cweId": "CWE-36" } ] } @@ -190,6 +191,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32055.json b/2023/32xxx/CVE-2023-32055.json index 138172eaa66..39b80a76b97 100644 --- a/2023/32xxx/CVE-2023-32055.json +++ b/2023/32xxx/CVE-2023-32055.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32056.json b/2023/32xxx/CVE-2023-32056.json index 12c54d88232..398ddd9f63a 100644 --- a/2023/32xxx/CVE-2023-32056.json +++ b/2023/32xxx/CVE-2023-32056.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } diff --git a/2023/32xxx/CVE-2023-32057.json b/2023/32xxx/CVE-2023-32057.json index 14fa104d3b1..a0ebf5c3e70 100644 --- a/2023/32xxx/CVE-2023-32057.json +++ b/2023/32xxx/CVE-2023-32057.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Microsoft Message Queuing Remote Code Execution Vulnerability" + "value": "Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability" } ] }, @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-20: Improper Input Validation", + "cweId": "CWE-20" } ] } @@ -226,6 +227,18 @@ ] } }, + { + "product_name": "Windows Server 2008 R2 Service Pack 1 (Server Core installation)", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "6.0.0", + "version_value": "6.1.7601.26623" + } + ] + } + }, { "product_name": "Windows Server 2012", "version": { diff --git a/2023/32xxx/CVE-2023-32083.json b/2023/32xxx/CVE-2023-32083.json index 19039378f12..e44fdb04caa 100644 --- a/2023/32xxx/CVE-2023-32083.json +++ b/2023/32xxx/CVE-2023-32083.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-122: Heap-based Buffer Overflow", + "cweId": "CWE-122" } ] } diff --git a/2023/32xxx/CVE-2023-32084.json b/2023/32xxx/CVE-2023-32084.json index 8a57fbe0396..a3714394b68 100644 --- a/2023/32xxx/CVE-2023-32084.json +++ b/2023/32xxx/CVE-2023-32084.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Denial of Service" + "value": "CWE-476: NULL Pointer Dereference", + "cweId": "CWE-476" } ] } diff --git a/2023/32xxx/CVE-2023-32085.json b/2023/32xxx/CVE-2023-32085.json index 62c81623724..f44b8b41abf 100644 --- a/2023/32xxx/CVE-2023-32085.json +++ b/2023/32xxx/CVE-2023-32085.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Information Disclosure" + "value": "CWE-126: Buffer Over-read", + "cweId": "CWE-126" } ] } diff --git a/2023/33xxx/CVE-2023-33127.json b/2023/33xxx/CVE-2023-33127.json index ba976321d3a..62322b725f1 100644 --- a/2023/33xxx/CVE-2023-33127.json +++ b/2023/33xxx/CVE-2023-33127.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-1220: Insufficient Granularity of Access Control", + "cweId": "CWE-1220" } ] } diff --git a/2023/33xxx/CVE-2023-33134.json b/2023/33xxx/CVE-2023-33134.json index 78c743dfb32..5989c5bf3a7 100644 --- a/2023/33xxx/CVE-2023-33134.json +++ b/2023/33xxx/CVE-2023-33134.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" } ] } diff --git a/2023/33xxx/CVE-2023-33148.json b/2023/33xxx/CVE-2023-33148.json index b198070fd8a..f8b2c58d0f9 100644 --- a/2023/33xxx/CVE-2023-33148.json +++ b/2023/33xxx/CVE-2023-33148.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Elevation of Privilege" + "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", + "cweId": "CWE-59" } ] } diff --git a/2023/33xxx/CVE-2023-33149.json b/2023/33xxx/CVE-2023-33149.json index 77230c4bbaa..64346acc734 100644 --- a/2023/33xxx/CVE-2023-33149.json +++ b/2023/33xxx/CVE-2023-33149.json @@ -21,7 +21,8 @@ "description": [ { "lang": "eng", - "value": "Remote Code Execution" + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" } ] } diff --git a/2024/31xxx/CVE-2024-31158.json b/2024/31xxx/CVE-2024-31158.json new file mode 100644 index 00000000000..967f3c64123 --- /dev/null +++ b/2024/31xxx/CVE-2024-31158.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-31158", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/32xxx/CVE-2024-32940.json b/2024/32xxx/CVE-2024-32940.json new file mode 100644 index 00000000000..87925d656c2 --- /dev/null +++ b/2024/32xxx/CVE-2024-32940.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-32940", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/34xxx/CVE-2024-34165.json b/2024/34xxx/CVE-2024-34165.json new file mode 100644 index 00000000000..77416b6ce08 --- /dev/null +++ b/2024/34xxx/CVE-2024-34165.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-34165", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/34xxx/CVE-2024-34545.json b/2024/34xxx/CVE-2024-34545.json new file mode 100644 index 00000000000..0d044097ec5 --- /dev/null +++ b/2024/34xxx/CVE-2024-34545.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-34545", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36261.json b/2024/36xxx/CVE-2024-36261.json new file mode 100644 index 00000000000..7ed56fa0232 --- /dev/null +++ b/2024/36xxx/CVE-2024-36261.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36261", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36276.json b/2024/36xxx/CVE-2024-36276.json new file mode 100644 index 00000000000..a138878e057 --- /dev/null +++ b/2024/36xxx/CVE-2024-36276.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36276", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36291.json b/2024/36xxx/CVE-2024-36291.json new file mode 100644 index 00000000000..7d3dab27e27 --- /dev/null +++ b/2024/36xxx/CVE-2024-36291.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36291", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36297.json b/2024/36xxx/CVE-2024-36297.json new file mode 100644 index 00000000000..0d3ca989940 --- /dev/null +++ b/2024/36xxx/CVE-2024-36297.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36297", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/36xxx/CVE-2024-36483.json b/2024/36xxx/CVE-2024-36483.json new file mode 100644 index 00000000000..061e1ef7a0f --- /dev/null +++ b/2024/36xxx/CVE-2024-36483.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-36483", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/5xxx/CVE-2024-5150.json b/2024/5xxx/CVE-2024-5150.json index d6b0f794be7..fec77ef0fa4 100644 --- a/2024/5xxx/CVE-2024-5150.json +++ b/2024/5xxx/CVE-2024-5150.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5150", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Login with phone number plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.7.26. This is due to the 'activation_code' default value is empty, and the not empty check is missing in the 'lwp_ajax_register' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the user email. The vulnerability is patched in version 1.7.26, but there is an issue in the patch that causes the entire function to not work, and this issue is fixed in version 1.7.27." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "glboy", + "product": { + "product_data": [ + { + "product_name": "Login with phone number", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.7.26" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cf34eb9f-f6e9-4a7a-8459-c86f9fa3dad8?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cf34eb9f-f6e9-4a7a-8459-c86f9fa3dad8?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4183", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4183" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4220", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4220" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4241", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/login-with-phone-number/tags/1.7.25/login-with-phonenumber.php#L4241" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3090625/login-with-phone-number", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3090625/login-with-phone-number" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3090754/login-with-phone-number#file5", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3090754/login-with-phone-number#file5" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Istv\u00e1n M\u00e1rton" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" } ] } diff --git a/2024/5xxx/CVE-2024-5204.json b/2024/5xxx/CVE-2024-5204.json index a21c391aea2..f792d3febbe 100644 --- a/2024/5xxx/CVE-2024-5204.json +++ b/2024/5xxx/CVE-2024-5204.json @@ -1,17 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-5204", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Swiss Toolkit For WP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.7. This is due to the plugin storing custom data in post metadata without an underscore prefix. This makes it possible for authenticated attackers with contributor-level and above permissions to log in as any existing user on the site, such as an administrator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "boomdevs", + "product": { + "product_data": [ + { + "product_name": "Swiss Toolkit For WP", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.0.7" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8526106-847a-420f-9275-f759a8dd4dfb?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a8526106-847a-420f-9275-f759a8dd4dfb?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/swiss-toolkit-for-wp/trunk/includes/plugins/class-boomdevs-swiss-toolkit-generate-login-url.php?rev=3077000#L50", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/swiss-toolkit-for-wp/trunk/includes/plugins/class-boomdevs-swiss-toolkit-generate-login-url.php?rev=3077000#L50" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3091913/swiss-toolkit-for-wp", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3091913/swiss-toolkit-for-wp" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Istv\u00e1n M\u00e1rton" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH" } ] }