diff --git a/mapping.csv b/mapping.csv index 065d30d6c12..5ac0479b4ae 100644 --- a/mapping.csv +++ b/mapping.csv @@ -218057,3 +218057,76 @@ vulnerability,CVE-2023-6187,vulnerability--92e1369f-48d7-4e3b-8bad-fc63dd4b636d vulnerability,CVE-2023-41129,vulnerability--eddac17b-fa14-4f99-a3f6-0c6ed62b839d vulnerability,CVE-2023-28780,vulnerability--0d5d75c5-441e-47a4-89df-9fa6ecc0d5c1 vulnerability,CVE-2023-5341,vulnerability--b459d129-830f-4577-aacb-2770e444222d +vulnerability,CVE-2021-22636,vulnerability--7cf8069e-9b01-462c-856a-6a2376982e07 +vulnerability,CVE-2021-27429,vulnerability--53c4209f-013b-44c5-b30d-5b41d5145dcb +vulnerability,CVE-2022-46337,vulnerability--4c08f0c3-2eca-48a0-8641-7f90365a30fb +vulnerability,CVE-2023-38884,vulnerability--63c3a7d0-7374-40c7-b218-cbfb98a91489 +vulnerability,CVE-2023-38885,vulnerability--3e54b460-020e-4408-b528-2d16a8ca7518 +vulnerability,CVE-2023-38879,vulnerability--77120df7-ba45-4b33-b669-b931d5baa3b5 +vulnerability,CVE-2023-38882,vulnerability--9a90fe4c-0363-4fa2-a958-18cd63c5b028 +vulnerability,CVE-2023-38880,vulnerability--dcd83285-8e50-4f09-a5ad-2b8c6d9b323a +vulnerability,CVE-2023-38881,vulnerability--93a0977a-b89a-47e2-b11f-104dbcd353f9 +vulnerability,CVE-2023-38823,vulnerability--9104e4ed-8432-4bff-b4ef-6870cc53e4b3 +vulnerability,CVE-2023-38883,vulnerability--fa4104be-dfcb-4167-95d0-1fb4ebd012cc +vulnerability,CVE-2023-47217,vulnerability--86122faa-3a8b-4ad0-b261-19211aece518 +vulnerability,CVE-2023-47175,vulnerability--c8e94c06-cdc7-45fb-bf08-29f1f49d2a39 +vulnerability,CVE-2023-47311,vulnerability--c0b24705-87ed-4fbb-abc6-4292e7400f2e +vulnerability,CVE-2023-47417,vulnerability--aa483005-a412-4dd8-9b46-58ffe43a9316 +vulnerability,CVE-2023-47172,vulnerability--4b1f658c-9f24-4a27-a191-b19b415a7668 +vulnerability,CVE-2023-47772,vulnerability--d0c839c0-8409-4249-b143-ba9f3705f9de +vulnerability,CVE-2023-5610,vulnerability--f4451461-ba85-4444-980d-2f033b44b12a +vulnerability,CVE-2023-5509,vulnerability--d6d5cb2a-5ed9-4049-8bef-1d568afff34e +vulnerability,CVE-2023-5609,vulnerability--e1b2dfca-ef48-47de-9a3e-3c6ef722c07b +vulnerability,CVE-2023-5340,vulnerability--4ee8b2d0-9666-49cd-86bd-c27eb7f990f9 +vulnerability,CVE-2023-5140,vulnerability--0b0b4590-778e-43d0-b2c1-8da66a2d42df +vulnerability,CVE-2023-5640,vulnerability--021375a5-0114-4409-b4d4-a964dcfd8b57 +vulnerability,CVE-2023-5652,vulnerability--78857509-0ba8-4a01-aadd-bba362f56bb7 +vulnerability,CVE-2023-5343,vulnerability--8dd719f0-5244-445a-8b31-c73fff4b1fae +vulnerability,CVE-2023-5593,vulnerability--0f401533-e954-41a5-bf97-68f706699b14 +vulnerability,CVE-2023-5651,vulnerability--4eefbaec-b250-40d9-8c0f-cb8972f769b6 +vulnerability,CVE-2023-5119,vulnerability--7c3725da-7c8e-478a-9e2e-a6048c09ae9f +vulnerability,CVE-2023-5799,vulnerability--18d2380f-b644-473b-b75e-da52f2e5ce27 +vulnerability,CVE-2023-4808,vulnerability--3fa8890c-f406-401a-a4da-7b36e6c887cf +vulnerability,CVE-2023-4824,vulnerability--79108105-0227-44f2-ab23-ad47316a8b03 +vulnerability,CVE-2023-4970,vulnerability--5f64a996-7165-46fa-a7b7-5b21b319ee49 +vulnerability,CVE-2023-4799,vulnerability--eb21c840-6c74-4588-a93f-48c0ab00560b +vulnerability,CVE-2023-48110,vulnerability--96eb395a-5146-4c44-83ba-f5dc007b1663 +vulnerability,CVE-2023-48310,vulnerability--f1099024-204a-4272-86cf-1653d802b4b9 +vulnerability,CVE-2023-48192,vulnerability--da62089b-14d6-4ca3-9bdc-314dd8ea9cfb +vulnerability,CVE-2023-48292,vulnerability--2387302b-6dbf-4059-b754-0e0226416d85 +vulnerability,CVE-2023-48241,vulnerability--24f63e60-98a7-46ee-9f31-f8064b1d6769 +vulnerability,CVE-2023-48051,vulnerability--cda9ecf1-fb52-46ab-8912-da2dd25b486d +vulnerability,CVE-2023-48240,vulnerability--aa25822e-f6dd-467e-a7f0-c741ff87088f +vulnerability,CVE-2023-48218,vulnerability--8f59e6d0-a7dc-4153-958e-ec6a6fdef1c5 +vulnerability,CVE-2023-48090,vulnerability--abac584f-ca56-447e-be41-525bb569c37e +vulnerability,CVE-2023-48109,vulnerability--886eb65e-10fa-42b8-b747-d337186775a4 +vulnerability,CVE-2023-48293,vulnerability--cd33e5dc-b197-4145-9757-3ca708221265 +vulnerability,CVE-2023-48221,vulnerability--f0c5aa86-cb51-4290-bafd-950749742a4c +vulnerability,CVE-2023-48223,vulnerability--58207164-479e-4531-8d2c-dbab1b79b3fd +vulnerability,CVE-2023-48300,vulnerability--76a79d84-8c58-4e49-9a18-073944169ecd +vulnerability,CVE-2023-48176,vulnerability--32bce542-e9e1-4cf6-91e1-57aca40a6fbb +vulnerability,CVE-2023-48309,vulnerability--351d064b-9d8c-44e3-8587-231eae923d73 +vulnerability,CVE-2023-48111,vulnerability--97c79490-1ab8-4490-8d71-22987d8349d8 +vulnerability,CVE-2023-48039,vulnerability--5c6424ba-14fd-4974-97d7-3a09bd2e9ab7 +vulnerability,CVE-2023-35762,vulnerability--aba74958-d561-4a3c-b1d6-eb896bc6b7cf +vulnerability,CVE-2023-6045,vulnerability--f46a1f91-6dc6-4b8a-9863-f6dd66a61b0f +vulnerability,CVE-2023-6062,vulnerability--f52bc8c4-9457-4caf-af8c-2cbc5d7f339b +vulnerability,CVE-2023-6199,vulnerability--3d3c327b-f090-43c6-a3c9-9db4d99ae5dd +vulnerability,CVE-2023-6178,vulnerability--a34c2a96-efa8-4068-8af2-6f7d0ac3fc42 +vulnerability,CVE-2023-6197,vulnerability--27adde62-9609-40dc-9c39-b2cbe8b24e7c +vulnerability,CVE-2023-6196,vulnerability--8030b3de-1ff7-421d-94b3-9452803e5229 +vulnerability,CVE-2023-6144,vulnerability--bcdb5f02-9a0f-4a21-b98c-7bd6aa05041e +vulnerability,CVE-2023-6142,vulnerability--c59c61dd-62d8-4325-a675-464c1fc4d79d +vulnerability,CVE-2023-3116,vulnerability--ec453fdd-701c-4296-8266-7b361b4a8da7 +vulnerability,CVE-2023-3379,vulnerability--ac2f7e54-28c8-4daf-8fd6-bc71f57aabee +vulnerability,CVE-2023-43612,vulnerability--49e05c0a-a10f-4645-a44d-af028bde40e2 +vulnerability,CVE-2023-36013,vulnerability--e3d510d6-ca11-4194-929f-de1ad7d1d2ed +vulnerability,CVE-2023-42774,vulnerability--8f94eb78-fded-4c50-b222-975d185fa134 +vulnerability,CVE-2023-29155,vulnerability--40e60946-f856-42bf-a9a3-c2c544f209b1 +vulnerability,CVE-2023-46100,vulnerability--87718cdd-ca26-41b0-8211-8c853471e542 +vulnerability,CVE-2023-46990,vulnerability--cc7d4f69-fddf-4c4b-85e2-218b9f87705d +vulnerability,CVE-2023-46700,vulnerability--ad064360-0fca-46be-ba0f-cc41e4bf12d3 +vulnerability,CVE-2023-46471,vulnerability--6d42e8a1-4ff0-49d9-8a40-685966a94905 +vulnerability,CVE-2023-46470,vulnerability--c7b49e7b-f8de-4e71-a37c-79daffc89883 +vulnerability,CVE-2023-46302,vulnerability--080bcf04-425d-4eff-bbd1-14ee8a84bd1d +vulnerability,CVE-2023-46705,vulnerability--60b38199-7bf1-418b-9c39-8916e8389ae1 diff --git a/objects/vulnerability/vulnerability--021375a5-0114-4409-b4d4-a964dcfd8b57.json b/objects/vulnerability/vulnerability--021375a5-0114-4409-b4d4-a964dcfd8b57.json new file mode 100644 index 00000000000..313db57d383 --- /dev/null +++ b/objects/vulnerability/vulnerability--021375a5-0114-4409-b4d4-a964dcfd8b57.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--54797ed6-8c72-4de2-8497-aca876f57fbd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--021375a5-0114-4409-b4d4-a964dcfd8b57", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.549345Z", + "modified": "2023-11-21T00:16:55.549345Z", + "name": "CVE-2023-5640", + "description": "The Article Analytics WordPress plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection vulnerability.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5640" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--080bcf04-425d-4eff-bbd1-14ee8a84bd1d.json b/objects/vulnerability/vulnerability--080bcf04-425d-4eff-bbd1-14ee8a84bd1d.json new file mode 100644 index 00000000000..d87c3df6577 --- /dev/null +++ b/objects/vulnerability/vulnerability--080bcf04-425d-4eff-bbd1-14ee8a84bd1d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7716a7c6-9c51-4994-90ea-6d34516953ff", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--080bcf04-425d-4eff-bbd1-14ee8a84bd1d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.177339Z", + "modified": "2023-11-21T00:16:57.177339Z", + "name": "CVE-2023-46302", + "description": "Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 .\n\nApache Submarine uses JAXRS to define REST endpoints. In order to\nhandle YAML requests (using application/yaml content-type), it defines\na YamlEntityProvider entity provider that will process all incoming\nYAML requests. In order to unmarshal the request, the readFrom method\nis invoked, passing the entityStream containing the user-supplied data in `submarine-server/server-core/src/main/java/org/apache/submarine/server/utils/YamlUtils.java`.\n \nWe have now fixed this issue in the new version by replacing to `jackson-dataformat-yaml`.\nThis issue affects Apache Submarine: from 0.7.0 before 0.8.0. Users are recommended to upgrade to version 0.8.0, which fixes this issue.\nIf using the version smaller than 0.8.0 and not want to upgrade, you can try cherry-pick PR https://github.com/apache/submarine/pull/1054 and rebuild the submart-server image to fix this.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46302" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0b0b4590-778e-43d0-b2c1-8da66a2d42df.json b/objects/vulnerability/vulnerability--0b0b4590-778e-43d0-b2c1-8da66a2d42df.json new file mode 100644 index 00000000000..263490e2ff6 --- /dev/null +++ b/objects/vulnerability/vulnerability--0b0b4590-778e-43d0-b2c1-8da66a2d42df.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cb4c34ed-696b-411b-a070-28066837ef9f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0b0b4590-778e-43d0-b2c1-8da66a2d42df", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.544442Z", + "modified": "2023-11-21T00:16:55.544442Z", + "name": "CVE-2023-5140", + "description": "The Bonus for Woo WordPress plugin before 5.8.3 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5140" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--0f401533-e954-41a5-bf97-68f706699b14.json b/objects/vulnerability/vulnerability--0f401533-e954-41a5-bf97-68f706699b14.json new file mode 100644 index 00000000000..e2f6417ff26 --- /dev/null +++ b/objects/vulnerability/vulnerability--0f401533-e954-41a5-bf97-68f706699b14.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1a43c966-3fc8-4ec0-a758-db6c4db803d3", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--0f401533-e954-41a5-bf97-68f706699b14", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.565052Z", + "modified": "2023-11-21T00:16:55.565052Z", + "name": "CVE-2023-5593", + "description": "The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5593" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--18d2380f-b644-473b-b75e-da52f2e5ce27.json b/objects/vulnerability/vulnerability--18d2380f-b644-473b-b75e-da52f2e5ce27.json new file mode 100644 index 00000000000..cb484f89bda --- /dev/null +++ b/objects/vulnerability/vulnerability--18d2380f-b644-473b-b75e-da52f2e5ce27.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--45fa72e7-2e2d-4465-beac-a56dfc2f8b95", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--18d2380f-b644-473b-b75e-da52f2e5ce27", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.57231Z", + "modified": "2023-11-21T00:16:55.57231Z", + "name": "CVE-2023-5799", + "description": "The WP Hotel Booking WordPress plugin before 2.0.8 does not have proper authorisation when deleting a package, allowing Contributor and above roles to delete posts that do no belong to them", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5799" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--2387302b-6dbf-4059-b754-0e0226416d85.json b/objects/vulnerability/vulnerability--2387302b-6dbf-4059-b754-0e0226416d85.json new file mode 100644 index 00000000000..891f97cf3b5 --- /dev/null +++ b/objects/vulnerability/vulnerability--2387302b-6dbf-4059-b754-0e0226416d85.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3bf216c5-b728-409b-b3e2-ea5aaec54633", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--2387302b-6dbf-4059-b754-0e0226416d85", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.810124Z", + "modified": "2023-11-21T00:16:55.810124Z", + "name": "CVE-2023-48292", + "description": "The XWiki Admin Tools Application provides tools to help the administration of XWiki. Starting in version 4.4 and prior to version 4.5.1, a cross site request forgery vulnerability in the admin tool for executing shell commands on the server allows an attacker to execute arbitrary shell commands by tricking an admin into loading the URL with the shell command. A very simple possibility for an attack are comments. When the attacker can leave a comment on any page in the wiki it is sufficient to include an image with an URL like `/xwiki/bin/view/Admin/RunShellCommand?command=touch%20/tmp/attacked` in the comment. When an admin views the comment, the file `/tmp/attacked` will be created on the server. The output of the command is also vulnerable to XWiki syntax injection which offers a simple way to execute Groovy in the context of the XWiki installation and thus an even easier way to compromise the integrity and confidentiality of the whole XWiki installation. This has been patched by adding a form token check in version 4.5.1 of the admin tools. Some workarounds are available. The patch can be applied manually to the affected wiki pages. Alternatively, the document `Admin.RunShellCommand` can also be deleted if the possibility to run shell commands isn't needed.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48292" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--24f63e60-98a7-46ee-9f31-f8064b1d6769.json b/objects/vulnerability/vulnerability--24f63e60-98a7-46ee-9f31-f8064b1d6769.json new file mode 100644 index 00000000000..ebd55a3fa2b --- /dev/null +++ b/objects/vulnerability/vulnerability--24f63e60-98a7-46ee-9f31-f8064b1d6769.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f303c5e6-4a4e-4fcc-b8b7-9cb9d30c3352", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--24f63e60-98a7-46ee-9f31-f8064b1d6769", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.811701Z", + "modified": "2023-11-21T00:16:55.811701Z", + "name": "CVE-2023-48241", + "description": "XWiki Platform is a generic wiki platform. Starting in version 6.3-milestone-2 and prior to versions 14.10.15, 15.5.1, and 15.6RC1, the Solr-based search suggestion provider that also duplicates as generic JavaScript API for search results in XWiki exposes the content of all documents of all wikis to anybody who has access to it, by default it is public. This exposes all information stored in the wiki (but not some protected information like password hashes). While there is a right check normally, the right check can be circumvented by explicitly requesting fields from Solr that don't include the data for the right check. This has been fixed in XWiki 15.6RC1, 15.5.1 and 14.10.15 by not listing documents whose rights cannot be checked. No known workarounds are available.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48241" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--27adde62-9609-40dc-9c39-b2cbe8b24e7c.json b/objects/vulnerability/vulnerability--27adde62-9609-40dc-9c39-b2cbe8b24e7c.json new file mode 100644 index 00000000000..8e3da13b85e --- /dev/null +++ b/objects/vulnerability/vulnerability--27adde62-9609-40dc-9c39-b2cbe8b24e7c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7ea3ea1a-0e38-46ee-913c-7fee11edd9e7", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--27adde62-9609-40dc-9c39-b2cbe8b24e7c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.972012Z", + "modified": "2023-11-21T00:16:55.972012Z", + "name": "CVE-2023-6197", + "description": "The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the audio_merchant_save_settings function. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6197" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--32bce542-e9e1-4cf6-91e1-57aca40a6fbb.json b/objects/vulnerability/vulnerability--32bce542-e9e1-4cf6-91e1-57aca40a6fbb.json new file mode 100644 index 00000000000..390531c58d5 --- /dev/null +++ b/objects/vulnerability/vulnerability--32bce542-e9e1-4cf6-91e1-57aca40a6fbb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3c72ff22-39a9-4cc2-985a-8f3593621daf", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--32bce542-e9e1-4cf6-91e1-57aca40a6fbb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.845047Z", + "modified": "2023-11-21T00:16:55.845047Z", + "name": "CVE-2023-48176", + "description": "An Insecure Permissions issue in WebsiteGuide v.0.2 allows a remote attacker to gain escalated privileges via crafted jwt (JSON web token).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48176" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--351d064b-9d8c-44e3-8587-231eae923d73.json b/objects/vulnerability/vulnerability--351d064b-9d8c-44e3-8587-231eae923d73.json new file mode 100644 index 00000000000..6468bfd00a3 --- /dev/null +++ b/objects/vulnerability/vulnerability--351d064b-9d8c-44e3-8587-231eae923d73.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--8ffa0da9-0b0d-4241-9468-916f38d3c701", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--351d064b-9d8c-44e3-8587-231eae923d73", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.846133Z", + "modified": "2023-11-21T00:16:55.846133Z", + "name": "CVE-2023-48309", + "description": "NextAuth.js provides authentication for Next.js. `next-auth` applications prior to version 4.24.5 that rely on the default Middleware authorization are affected by a vulnerability. A bad actor could create an empty/mock user, by getting hold of a NextAuth.js-issued JWT from an interrupted OAuth sign-in flow (state, PKCE or nonce). Manually overriding the `next-auth.session-token` cookie value with this non-related JWT would let the user simulate a logged in user, albeit having no user information associated with it. (The only property on this user is an opaque randomly generated string). This vulnerability does not give access to other users' data, neither to resources that require proper authorization via scopes or other means. The created mock user has no information associated with it (ie. no name, email, access_token, etc.) This vulnerability can be exploited by bad actors to peek at logged in user states (e.g. dashboard layout). `next-auth` `v4.24.5` contains a patch for the vulnerability. As a workaround, using a custom authorization callback for Middleware, developers can manually do a basic authentication.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48309" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3d3c327b-f090-43c6-a3c9-9db4d99ae5dd.json b/objects/vulnerability/vulnerability--3d3c327b-f090-43c6-a3c9-9db4d99ae5dd.json new file mode 100644 index 00000000000..1f40d17d4fc --- /dev/null +++ b/objects/vulnerability/vulnerability--3d3c327b-f090-43c6-a3c9-9db4d99ae5dd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--811ecf59-746b-4bcf-8904-ed4fafeb08b2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3d3c327b-f090-43c6-a3c9-9db4d99ae5dd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.968718Z", + "modified": "2023-11-21T00:16:55.968718Z", + "name": "CVE-2023-6199", + "description": "Book Stack version 23.10.2 allows filtering local files on the server. This is possible because the application is vulnerable to SSRF.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6199" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3e54b460-020e-4408-b528-2d16a8ca7518.json b/objects/vulnerability/vulnerability--3e54b460-020e-4408-b528-2d16a8ca7518.json new file mode 100644 index 00000000000..5a260225a87 --- /dev/null +++ b/objects/vulnerability/vulnerability--3e54b460-020e-4408-b528-2d16a8ca7518.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c9f57150-9fe5-4491-b600-5c00f687e6c9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3e54b460-020e-4408-b528-2d16a8ca7518", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.093254Z", + "modified": "2023-11-21T00:16:55.093254Z", + "name": "CVE-2023-38885", + "description": "OpenSIS Classic Community Edition version 9.0 lacks cross-site request forgery (CSRF) protection throughout the whole app. This may allow an attacker to trick an authenticated user into performing any kind of state changing request.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38885" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--3fa8890c-f406-401a-a4da-7b36e6c887cf.json b/objects/vulnerability/vulnerability--3fa8890c-f406-401a-a4da-7b36e6c887cf.json new file mode 100644 index 00000000000..226c022df70 --- /dev/null +++ b/objects/vulnerability/vulnerability--3fa8890c-f406-401a-a4da-7b36e6c887cf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0ae5c339-8dbe-42e7-a596-e908df7b0cbd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--3fa8890c-f406-401a-a4da-7b36e6c887cf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.697006Z", + "modified": "2023-11-21T00:16:55.697006Z", + "name": "CVE-2023-4808", + "description": "The WP Post Popup WordPress plugin through 3.7.3 does not sanitise and escape some of its inputs, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4808" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--40e60946-f856-42bf-a9a3-c2c544f209b1.json b/objects/vulnerability/vulnerability--40e60946-f856-42bf-a9a3-c2c544f209b1.json new file mode 100644 index 00000000000..e7ddfdcf5b5 --- /dev/null +++ b/objects/vulnerability/vulnerability--40e60946-f856-42bf-a9a3-c2c544f209b1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--2d578087-b414-4287-bb1a-da87850a047c", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--40e60946-f856-42bf-a9a3-c2c544f209b1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.110046Z", + "modified": "2023-11-21T00:16:57.110046Z", + "name": "CVE-2023-29155", + "description": "\nVersions of INEA ME RTU firmware 3.36b and prior do not require authentication to the \"root\" account on the host system of the device. This could allow an attacker to obtain admin-level access to the host system.\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-29155" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--49e05c0a-a10f-4645-a44d-af028bde40e2.json b/objects/vulnerability/vulnerability--49e05c0a-a10f-4645-a44d-af028bde40e2.json new file mode 100644 index 00000000000..8fdeeaf5b76 --- /dev/null +++ b/objects/vulnerability/vulnerability--49e05c0a-a10f-4645-a44d-af028bde40e2.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e9854f9d-527a-417d-87c9-eb0cce2782d2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--49e05c0a-a10f-4645-a44d-af028bde40e2", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:56.352931Z", + "modified": "2023-11-21T00:16:56.352931Z", + "name": "CVE-2023-43612", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-43612" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4b1f658c-9f24-4a27-a191-b19b415a7668.json b/objects/vulnerability/vulnerability--4b1f658c-9f24-4a27-a191-b19b415a7668.json new file mode 100644 index 00000000000..8214daccd0f --- /dev/null +++ b/objects/vulnerability/vulnerability--4b1f658c-9f24-4a27-a191-b19b415a7668.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6b9e196b-676b-4888-8b8a-51856f1a7672", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4b1f658c-9f24-4a27-a191-b19b415a7668", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.502155Z", + "modified": "2023-11-21T00:16:55.502155Z", + "name": "CVE-2023-47172", + "description": "Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-47172" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4c08f0c3-2eca-48a0-8641-7f90365a30fb.json b/objects/vulnerability/vulnerability--4c08f0c3-2eca-48a0-8641-7f90365a30fb.json new file mode 100644 index 00000000000..6b20f4f0f49 --- /dev/null +++ b/objects/vulnerability/vulnerability--4c08f0c3-2eca-48a0-8641-7f90365a30fb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ab97b765-bc91-4422-b984-e013d0845664", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4c08f0c3-2eca-48a0-8641-7f90365a30fb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:54.492527Z", + "modified": "2023-11-21T00:16:54.492527Z", + "name": "CVE-2022-46337", + "description": "A cleverly devised username might bypass LDAP authentication checks. In \nLDAP-authenticated Derby installations, this could let an attacker fill \nup the disk by creating junk Derby databases. In LDAP-authenticated \nDerby installations, this could also allow the attacker to execute \nmalware which was visible to and executable by the account which booted \nthe Derby server. In LDAP-protected databases which weren't also \nprotected by SQL GRANT/REVOKE authorization, this vulnerability could \nalso let an attacker view and corrupt sensitive data and run sensitive \ndatabase functions and procedures.\n\nMitigation:\n\nUsers should upgrade to Java 21 and Derby 10.17.1.0.\n\nAlternatively, users who wish to remain on older Java versions should \nbuild their own Derby distribution from one of the release families to \nwhich the fix was backported: 10.16, 10.15, and 10.14. Those are the \nreleases which correspond, respectively, with Java LTS versions 17, 11, \nand 8.\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2022-46337" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4ee8b2d0-9666-49cd-86bd-c27eb7f990f9.json b/objects/vulnerability/vulnerability--4ee8b2d0-9666-49cd-86bd-c27eb7f990f9.json new file mode 100644 index 00000000000..28779fc89a3 --- /dev/null +++ b/objects/vulnerability/vulnerability--4ee8b2d0-9666-49cd-86bd-c27eb7f990f9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fdc2443e-0e89-4b21-99bc-fc02542435ee", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4ee8b2d0-9666-49cd-86bd-c27eb7f990f9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.531917Z", + "modified": "2023-11-21T00:16:55.531917Z", + "name": "CVE-2023-5340", + "description": "The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to perform PHP Object Injection when a suitable gadget is present on the blog.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5340" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--4eefbaec-b250-40d9-8c0f-cb8972f769b6.json b/objects/vulnerability/vulnerability--4eefbaec-b250-40d9-8c0f-cb8972f769b6.json new file mode 100644 index 00000000000..c8510fedb08 --- /dev/null +++ b/objects/vulnerability/vulnerability--4eefbaec-b250-40d9-8c0f-cb8972f769b6.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--744c275c-d769-4279-a7a7-4508a944d978", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--4eefbaec-b250-40d9-8c0f-cb8972f769b6", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.567916Z", + "modified": "2023-11-21T00:16:55.567916Z", + "name": "CVE-2023-5651", + "description": "The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5651" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--53c4209f-013b-44c5-b30d-5b41d5145dcb.json b/objects/vulnerability/vulnerability--53c4209f-013b-44c5-b30d-5b41d5145dcb.json new file mode 100644 index 00000000000..ff36a079caf --- /dev/null +++ b/objects/vulnerability/vulnerability--53c4209f-013b-44c5-b30d-5b41d5145dcb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--42a4841e-0eac-405d-8d37-a2c361634044", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--53c4209f-013b-44c5-b30d-5b41d5145dcb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:51.485762Z", + "modified": "2023-11-21T00:16:51.485762Z", + "name": "CVE-2021-27429", + "description": "\nTexas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values. This can trigger an integer overflow vulnerability in 'HeapTrack_alloc' and result in code execution. \n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2021-27429" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--58207164-479e-4531-8d2c-dbab1b79b3fd.json b/objects/vulnerability/vulnerability--58207164-479e-4531-8d2c-dbab1b79b3fd.json new file mode 100644 index 00000000000..1c2533cb339 --- /dev/null +++ b/objects/vulnerability/vulnerability--58207164-479e-4531-8d2c-dbab1b79b3fd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--f53c7a87-3ad7-41d4-9401-9db3cafc8065", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--58207164-479e-4531-8d2c-dbab1b79b3fd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.836704Z", + "modified": "2023-11-21T00:16:55.836704Z", + "name": "CVE-2023-48223", + "description": "fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to version 3.3.2, the fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. The 'publicKeyPemMatcher' in 'fast-jwt/src/crypto.js' does not properly match all common PEM formats for public keys. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work if the victim application utilizes a public key containing the `BEGIN RSA PUBLIC KEY` header. Applications using the RS256 algorithm, a public key with a `BEGIN RSA PUBLIC KEY` header, and calling the verify function without explicitly providing an algorithm, are vulnerable to this algorithm confusion attack which allows attackers to sign arbitrary payloads which will be accepted by the verifier. Version 3.3.2 contains a patch for this issue. As a workaround, change line 29 of `blob/master/src/crypto.js` to include a regular expression.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48223" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5c6424ba-14fd-4974-97d7-3a09bd2e9ab7.json b/objects/vulnerability/vulnerability--5c6424ba-14fd-4974-97d7-3a09bd2e9ab7.json new file mode 100644 index 00000000000..b0828cc30bb --- /dev/null +++ b/objects/vulnerability/vulnerability--5c6424ba-14fd-4974-97d7-3a09bd2e9ab7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ca41f010-1707-4346-ad6c-587a8218cc69", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5c6424ba-14fd-4974-97d7-3a09bd2e9ab7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.854088Z", + "modified": "2023-11-21T00:16:55.854088Z", + "name": "CVE-2023-48039", + "description": "GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48039" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--5f64a996-7165-46fa-a7b7-5b21b319ee49.json b/objects/vulnerability/vulnerability--5f64a996-7165-46fa-a7b7-5b21b319ee49.json new file mode 100644 index 00000000000..c70b316b555 --- /dev/null +++ b/objects/vulnerability/vulnerability--5f64a996-7165-46fa-a7b7-5b21b319ee49.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d0e378fe-2189-432a-b576-ae8a971fa526", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--5f64a996-7165-46fa-a7b7-5b21b319ee49", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.709777Z", + "modified": "2023-11-21T00:16:55.709777Z", + "name": "CVE-2023-4970", + "description": "The PubyDoc WordPress plugin through 2.0.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4970" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--60b38199-7bf1-418b-9c39-8916e8389ae1.json b/objects/vulnerability/vulnerability--60b38199-7bf1-418b-9c39-8916e8389ae1.json new file mode 100644 index 00000000000..2f6e237990a --- /dev/null +++ b/objects/vulnerability/vulnerability--60b38199-7bf1-418b-9c39-8916e8389ae1.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--db830f5b-9c19-4e5b-bb90-4ea48b7e219b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--60b38199-7bf1-418b-9c39-8916e8389ae1", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.182553Z", + "modified": "2023-11-21T00:16:57.182553Z", + "name": "CVE-2023-46705", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46705" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--63c3a7d0-7374-40c7-b218-cbfb98a91489.json b/objects/vulnerability/vulnerability--63c3a7d0-7374-40c7-b218-cbfb98a91489.json new file mode 100644 index 00000000000..6e17478bb8f --- /dev/null +++ b/objects/vulnerability/vulnerability--63c3a7d0-7374-40c7-b218-cbfb98a91489.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cfbf2727-afc7-419f-a596-6786ad250dfd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--63c3a7d0-7374-40c7-b218-cbfb98a91489", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.086564Z", + "modified": "2023-11-21T00:16:55.086564Z", + "name": "CVE-2023-38884", + "description": "An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/-'", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38884" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--6d42e8a1-4ff0-49d9-8a40-685966a94905.json b/objects/vulnerability/vulnerability--6d42e8a1-4ff0-49d9-8a40-685966a94905.json new file mode 100644 index 00000000000..32f8e3bf344 --- /dev/null +++ b/objects/vulnerability/vulnerability--6d42e8a1-4ff0-49d9-8a40-685966a94905.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ef3da633-d19f-40f9-8e1f-16ffa8e093ae", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--6d42e8a1-4ff0-49d9-8a40-685966a94905", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.167487Z", + "modified": "2023-11-21T00:16:57.167487Z", + "name": "CVE-2023-46471", + "description": "Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via the text variable scriptContainer of the ScriptViewer.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46471" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--76a79d84-8c58-4e49-9a18-073944169ecd.json b/objects/vulnerability/vulnerability--76a79d84-8c58-4e49-9a18-073944169ecd.json new file mode 100644 index 00000000000..40a52fc1d10 --- /dev/null +++ b/objects/vulnerability/vulnerability--76a79d84-8c58-4e49-9a18-073944169ecd.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5601117a-13b9-4eba-9b24-8dea500e2057", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--76a79d84-8c58-4e49-9a18-073944169ecd", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.839314Z", + "modified": "2023-11-21T00:16:55.839314Z", + "name": "CVE-2023-48300", + "description": "The `Embed Privacy` plugin for WordPress that prevents the loading of embedded external content is vulnerable to Stored Cross-Site Scripting via `embed_privacy_opt_out` shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Version 1.8.1 contains a patch for this issue.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48300" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--77120df7-ba45-4b33-b669-b931d5baa3b5.json b/objects/vulnerability/vulnerability--77120df7-ba45-4b33-b669-b931d5baa3b5.json new file mode 100644 index 00000000000..2e56a31fda4 --- /dev/null +++ b/objects/vulnerability/vulnerability--77120df7-ba45-4b33-b669-b931d5baa3b5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--3655df3d-38d4-426d-ba44-5df4a57b356b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--77120df7-ba45-4b33-b669-b931d5baa3b5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.095329Z", + "modified": "2023-11-21T00:16:55.095329Z", + "name": "CVE-2023-38879", + "description": "The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38879" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--78857509-0ba8-4a01-aadd-bba362f56bb7.json b/objects/vulnerability/vulnerability--78857509-0ba8-4a01-aadd-bba362f56bb7.json new file mode 100644 index 00000000000..62077ebff50 --- /dev/null +++ b/objects/vulnerability/vulnerability--78857509-0ba8-4a01-aadd-bba362f56bb7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--78ca6a2b-bee4-4755-a773-20d64e05ea7d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--78857509-0ba8-4a01-aadd-bba362f56bb7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.558232Z", + "modified": "2023-11-21T00:16:55.558232Z", + "name": "CVE-2023-5652", + "description": "The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not escape user input before using it in a SQL statement of a function hooked to admin_init, allowing unauthenticated users to perform SQL injections", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5652" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--79108105-0227-44f2-ab23-ad47316a8b03.json b/objects/vulnerability/vulnerability--79108105-0227-44f2-ab23-ad47316a8b03.json new file mode 100644 index 00000000000..135c24264da --- /dev/null +++ b/objects/vulnerability/vulnerability--79108105-0227-44f2-ab23-ad47316a8b03.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1db222ab-8af6-4582-8e68-c5a116dbd88a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--79108105-0227-44f2-ab23-ad47316a8b03", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.705073Z", + "modified": "2023-11-21T00:16:55.705073Z", + "name": "CVE-2023-4824", + "description": "The WooHoo Newspaper Magazine theme does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4824" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7c3725da-7c8e-478a-9e2e-a6048c09ae9f.json b/objects/vulnerability/vulnerability--7c3725da-7c8e-478a-9e2e-a6048c09ae9f.json new file mode 100644 index 00000000000..f8bf6e54c14 --- /dev/null +++ b/objects/vulnerability/vulnerability--7c3725da-7c8e-478a-9e2e-a6048c09ae9f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--e41011d6-0085-42d2-b05c-71ba9f96517a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7c3725da-7c8e-478a-9e2e-a6048c09ae9f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.570605Z", + "modified": "2023-11-21T00:16:55.570605Z", + "name": "CVE-2023-5119", + "description": "The Forminator WordPress plugin before 1.27.0 does not properly sanitize the redirect-url field in the form submission settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfiltered_html capability is disallowed (for example in a multisite setup).", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5119" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--7cf8069e-9b01-462c-856a-6a2376982e07.json b/objects/vulnerability/vulnerability--7cf8069e-9b01-462c-856a-6a2376982e07.json new file mode 100644 index 00000000000..37f3267693e --- /dev/null +++ b/objects/vulnerability/vulnerability--7cf8069e-9b01-462c-856a-6a2376982e07.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--fd8aa818-fb56-4168-b13b-3519d748a87f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--7cf8069e-9b01-462c-856a-6a2376982e07", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:50.822441Z", + "modified": "2023-11-21T00:16:50.822441Z", + "name": "CVE-2021-22636", + "description": "\n\n\n\n\n\n\nTexas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. \n\n\n\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2021-22636" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8030b3de-1ff7-421d-94b3-9452803e5229.json b/objects/vulnerability/vulnerability--8030b3de-1ff7-421d-94b3-9452803e5229.json new file mode 100644 index 00000000000..d02029f7fac --- /dev/null +++ b/objects/vulnerability/vulnerability--8030b3de-1ff7-421d-94b3-9452803e5229.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ee9d389c-587a-42ca-ac8b-ddf5d351a73d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8030b3de-1ff7-421d-94b3-9452803e5229", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.973273Z", + "modified": "2023-11-21T00:16:55.973273Z", + "name": "CVE-2023-6196", + "description": "The Audio Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.4. This is due to missing or incorrect nonce validation on the function audio_merchant_add_audio_file function. This makes it possible for unauthenticated attackers to upload arbitrary files via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6196" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--86122faa-3a8b-4ad0-b261-19211aece518.json b/objects/vulnerability/vulnerability--86122faa-3a8b-4ad0-b261-19211aece518.json new file mode 100644 index 00000000000..b26cbaa8816 --- /dev/null +++ b/objects/vulnerability/vulnerability--86122faa-3a8b-4ad0-b261-19211aece518.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--92432f6d-a2d0-4839-819a-26ed75617dc9", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--86122faa-3a8b-4ad0-b261-19211aece518", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.468475Z", + "modified": "2023-11-21T00:16:55.468475Z", + "name": "CVE-2023-47217", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-47217" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--87718cdd-ca26-41b0-8211-8c853471e542.json b/objects/vulnerability/vulnerability--87718cdd-ca26-41b0-8211-8c853471e542.json new file mode 100644 index 00000000000..9c3df1e2b1d --- /dev/null +++ b/objects/vulnerability/vulnerability--87718cdd-ca26-41b0-8211-8c853471e542.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--71d21504-c614-44da-99e6-c43b5f976e99", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--87718cdd-ca26-41b0-8211-8c853471e542", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.152499Z", + "modified": "2023-11-21T00:16:57.152499Z", + "name": "CVE-2023-46100", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46100" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--886eb65e-10fa-42b8-b747-d337186775a4.json b/objects/vulnerability/vulnerability--886eb65e-10fa-42b8-b747-d337186775a4.json new file mode 100644 index 00000000000..d956f8eb6e8 --- /dev/null +++ b/objects/vulnerability/vulnerability--886eb65e-10fa-42b8-b747-d337186775a4.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d8964fc0-ab4d-4d9d-bb1e-7ccb61dc9672", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--886eb65e-10fa-42b8-b747-d337186775a4", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.829712Z", + "modified": "2023-11-21T00:16:55.829712Z", + "name": "CVE-2023-48109", + "description": "Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48109" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8dd719f0-5244-445a-8b31-c73fff4b1fae.json b/objects/vulnerability/vulnerability--8dd719f0-5244-445a-8b31-c73fff4b1fae.json new file mode 100644 index 00000000000..9adbdc7ccd7 --- /dev/null +++ b/objects/vulnerability/vulnerability--8dd719f0-5244-445a-8b31-c73fff4b1fae.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5726389f-0997-4563-b0a9-42440969cafe", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8dd719f0-5244-445a-8b31-c73fff4b1fae", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.562332Z", + "modified": "2023-11-21T00:16:55.562332Z", + "name": "CVE-2023-5343", + "description": "The Popup box WordPress plugin before 3.7.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5343" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8f59e6d0-a7dc-4153-958e-ec6a6fdef1c5.json b/objects/vulnerability/vulnerability--8f59e6d0-a7dc-4153-958e-ec6a6fdef1c5.json new file mode 100644 index 00000000000..ab92c8554c8 --- /dev/null +++ b/objects/vulnerability/vulnerability--8f59e6d0-a7dc-4153-958e-ec6a6fdef1c5.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--54b55f2d-c393-431b-b1cd-a8bfdbd572e1", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8f59e6d0-a7dc-4153-958e-ec6a6fdef1c5", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.823443Z", + "modified": "2023-11-21T00:16:55.823443Z", + "name": "CVE-2023-48218", + "description": "The Strapi Protected Populate Plugin protects `get` endpoints from revealing too much information. Prior to version 1.3.4, users were able to bypass the field level security. Users who tried to populate something that they didn't have access to could populate those fields anyway. This issue has been patched in version 1.3.4. There are no known workarounds.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48218" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--8f94eb78-fded-4c50-b222-975d185fa134.json b/objects/vulnerability/vulnerability--8f94eb78-fded-4c50-b222-975d185fa134.json new file mode 100644 index 00000000000..d9bd0454c96 --- /dev/null +++ b/objects/vulnerability/vulnerability--8f94eb78-fded-4c50-b222-975d185fa134.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--dbec0657-a5ae-4dc2-909e-61729d1cf067", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--8f94eb78-fded-4c50-b222-975d185fa134", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.072002Z", + "modified": "2023-11-21T00:16:57.072002Z", + "name": "CVE-2023-42774", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-42774" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9104e4ed-8432-4bff-b4ef-6870cc53e4b3.json b/objects/vulnerability/vulnerability--9104e4ed-8432-4bff-b4ef-6870cc53e4b3.json new file mode 100644 index 00000000000..ebe7e65861e --- /dev/null +++ b/objects/vulnerability/vulnerability--9104e4ed-8432-4bff-b4ef-6870cc53e4b3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--97e4e72d-4251-4c43-91c5-62773adb3a0a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9104e4ed-8432-4bff-b4ef-6870cc53e4b3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.122162Z", + "modified": "2023-11-21T00:16:55.122162Z", + "name": "CVE-2023-38823", + "description": "Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38823" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--93a0977a-b89a-47e2-b11f-104dbcd353f9.json b/objects/vulnerability/vulnerability--93a0977a-b89a-47e2-b11f-104dbcd353f9.json new file mode 100644 index 00000000000..f11a7dfe99f --- /dev/null +++ b/objects/vulnerability/vulnerability--93a0977a-b89a-47e2-b11f-104dbcd353f9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--ce3f2da0-1e2a-449d-aa66-fa22db100424", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--93a0977a-b89a-47e2-b11f-104dbcd353f9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.109133Z", + "modified": "2023-11-21T00:16:55.109133Z", + "name": "CVE-2023-38881", + "description": "A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into any of the 'calendar_id', 'school_date', 'month' or 'year' parameters in 'CalendarModal.php'.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38881" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--96eb395a-5146-4c44-83ba-f5dc007b1663.json b/objects/vulnerability/vulnerability--96eb395a-5146-4c44-83ba-f5dc007b1663.json new file mode 100644 index 00000000000..d777994e81b --- /dev/null +++ b/objects/vulnerability/vulnerability--96eb395a-5146-4c44-83ba-f5dc007b1663.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--de4507cc-0b37-405a-8ea1-8dcab616dac6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--96eb395a-5146-4c44-83ba-f5dc007b1663", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.79952Z", + "modified": "2023-11-21T00:16:55.79952Z", + "name": "CVE-2023-48110", + "description": "Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48110" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--97c79490-1ab8-4490-8d71-22987d8349d8.json b/objects/vulnerability/vulnerability--97c79490-1ab8-4490-8d71-22987d8349d8.json new file mode 100644 index 00000000000..20de5e07d90 --- /dev/null +++ b/objects/vulnerability/vulnerability--97c79490-1ab8-4490-8d71-22987d8349d8.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d04df280-97a1-4025-87ff-75e383b54d7e", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--97c79490-1ab8-4490-8d71-22987d8349d8", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.85068Z", + "modified": "2023-11-21T00:16:55.85068Z", + "name": "CVE-2023-48111", + "description": "Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48111" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--9a90fe4c-0363-4fa2-a958-18cd63c5b028.json b/objects/vulnerability/vulnerability--9a90fe4c-0363-4fa2-a958-18cd63c5b028.json new file mode 100644 index 00000000000..e7174dd384d --- /dev/null +++ b/objects/vulnerability/vulnerability--9a90fe4c-0363-4fa2-a958-18cd63c5b028.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5bc2c1c3-7f4c-4a58-9e3c-6f2030bd2edd", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--9a90fe4c-0363-4fa2-a958-18cd63c5b028", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.098299Z", + "modified": "2023-11-21T00:16:55.098299Z", + "name": "CVE-2023-38882", + "description": "A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'include' parameter in 'ForExport.php'", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38882" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--a34c2a96-efa8-4068-8af2-6f7d0ac3fc42.json b/objects/vulnerability/vulnerability--a34c2a96-efa8-4068-8af2-6f7d0ac3fc42.json new file mode 100644 index 00000000000..5d80799b5a5 --- /dev/null +++ b/objects/vulnerability/vulnerability--a34c2a96-efa8-4068-8af2-6f7d0ac3fc42.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0d4a4421-a6e9-4019-96a2-845e2092c28a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--a34c2a96-efa8-4068-8af2-6f7d0ac3fc42", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.970337Z", + "modified": "2023-11-21T00:16:55.970337Z", + "name": "CVE-2023-6178", + "description": "\nAn arbitrary file write vulnerability exists where an authenticated attacker with privileges on the managing application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition. \n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6178" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aa25822e-f6dd-467e-a7f0-c741ff87088f.json b/objects/vulnerability/vulnerability--aa25822e-f6dd-467e-a7f0-c741ff87088f.json new file mode 100644 index 00000000000..00392cfc24c --- /dev/null +++ b/objects/vulnerability/vulnerability--aa25822e-f6dd-467e-a7f0-c741ff87088f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--6466a490-3855-4d36-b929-cca786ed7670", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aa25822e-f6dd-467e-a7f0-c741ff87088f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.820648Z", + "modified": "2023-11-21T00:16:55.820648Z", + "name": "CVE-2023-48240", + "description": "XWiki Platform is a generic wiki platform. The rendered diff in XWiki embeds images to be able to compare the contents and not display a difference for an actually unchanged image. For this, XWiki requests all embedded images on the server side. These requests are also sent for images from other domains and include all cookies that were sent in the original request to ensure that images with restricted view right can be compared. Starting in version 11.10.1 and prior to versions 14.10.15, 15.5.1, and 15.6, this allows an attacker to steal login and session cookies that allow impersonating the current user who views the diff. The attack can be triggered with an image that references the rendered diff, thus making it easy to trigger. Apart from stealing login cookies, this also allows server-side request forgery (the result of any successful request is returned in the image's source) and viewing protected content as once a resource is cached, it is returned for all users. As only successful requests are cached, the cache will be filled by the first user who is allowed to access the resource. This has been patched in XWiki 14.10.15, 15.5.1 and 15.6. The rendered diff now only downloads images from trusted domains. Further, cookies are only sent when the image's domain is the same the requested domain. The cache has been changed to be specific for each user. As a workaround, the image embedding feature can be disabled by deleting `xwiki-platform-diff-xml-.jar` in `WEB-INF/lib/`.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48240" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aa483005-a412-4dd8-9b46-58ffe43a9316.json b/objects/vulnerability/vulnerability--aa483005-a412-4dd8-9b46-58ffe43a9316.json new file mode 100644 index 00000000000..96e3ef061ae --- /dev/null +++ b/objects/vulnerability/vulnerability--aa483005-a412-4dd8-9b46-58ffe43a9316.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--880f5e95-4dd1-408d-b218-0fc5ad4470e0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aa483005-a412-4dd8-9b46-58ffe43a9316", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.494979Z", + "modified": "2023-11-21T00:16:55.494979Z", + "name": "CVE-2023-47417", + "description": "Cross Site Scripting (XSS) vulnerability in the component /shells/embedder.html of DZSlides after v2011.07.25 allows attackers to execute arbitrary code via a crafted payload.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-47417" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--aba74958-d561-4a3c-b1d6-eb896bc6b7cf.json b/objects/vulnerability/vulnerability--aba74958-d561-4a3c-b1d6-eb896bc6b7cf.json new file mode 100644 index 00000000000..c136f12b0b3 --- /dev/null +++ b/objects/vulnerability/vulnerability--aba74958-d561-4a3c-b1d6-eb896bc6b7cf.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--835f75c7-e614-44ba-a275-e373b674c32d", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--aba74958-d561-4a3c-b1d6-eb896bc6b7cf", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.880445Z", + "modified": "2023-11-21T00:16:55.880445Z", + "name": "CVE-2023-35762", + "description": "\nVersions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command injection, which could allow remote code execution.\n\n\n\n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-35762" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--abac584f-ca56-447e-be41-525bb569c37e.json b/objects/vulnerability/vulnerability--abac584f-ca56-447e-be41-525bb569c37e.json new file mode 100644 index 00000000000..58f1e48d8ec --- /dev/null +++ b/objects/vulnerability/vulnerability--abac584f-ca56-447e-be41-525bb569c37e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9e53c6a5-ddf9-4623-8cba-78bf4046f65a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--abac584f-ca56-447e-be41-525bb569c37e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.825248Z", + "modified": "2023-11-21T00:16:55.825248Z", + "name": "CVE-2023-48090", + "description": "GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leaks in extract_attributes media_tools/m3u8.c:329.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48090" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ac2f7e54-28c8-4daf-8fd6-bc71f57aabee.json b/objects/vulnerability/vulnerability--ac2f7e54-28c8-4daf-8fd6-bc71f57aabee.json new file mode 100644 index 00000000000..cb191d542b3 --- /dev/null +++ b/objects/vulnerability/vulnerability--ac2f7e54-28c8-4daf-8fd6-bc71f57aabee.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--720ba976-e906-47d9-b5c9-04a5e703de37", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ac2f7e54-28c8-4daf-8fd6-bc71f57aabee", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:56.227571Z", + "modified": "2023-11-21T00:16:56.227571Z", + "name": "CVE-2023-3379", + "description": "Wago web-based management of multiple products has a vulnerability which allows an local authenticated attacker to change the passwords of other non-admin users and thus to escalate non-root privileges.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3379" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ad064360-0fca-46be-ba0f-cc41e4bf12d3.json b/objects/vulnerability/vulnerability--ad064360-0fca-46be-ba0f-cc41e4bf12d3.json new file mode 100644 index 00000000000..7730422f550 --- /dev/null +++ b/objects/vulnerability/vulnerability--ad064360-0fca-46be-ba0f-cc41e4bf12d3.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--0dea2c36-157a-40f5-b55f-8ed39302ed31", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ad064360-0fca-46be-ba0f-cc41e4bf12d3", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.164266Z", + "modified": "2023-11-21T00:16:57.164266Z", + "name": "CVE-2023-46700", + "description": "SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary SQL command by sending a crafted request, and obtain or alter information stored in the database.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46700" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--bcdb5f02-9a0f-4a21-b98c-7bd6aa05041e.json b/objects/vulnerability/vulnerability--bcdb5f02-9a0f-4a21-b98c-7bd6aa05041e.json new file mode 100644 index 00000000000..06be246b407 --- /dev/null +++ b/objects/vulnerability/vulnerability--bcdb5f02-9a0f-4a21-b98c-7bd6aa05041e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1305b473-7441-411a-be43-493c8f5956f0", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--bcdb5f02-9a0f-4a21-b98c-7bd6aa05041e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.975244Z", + "modified": "2023-11-21T00:16:55.975244Z", + "name": "CVE-2023-6144", + "description": "Dev blog v1.0 allows to exploit an account takeover through the \"user\" cookie. With this, an attacker can access any user's session just by knowing their username.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6144" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c0b24705-87ed-4fbb-abc6-4292e7400f2e.json b/objects/vulnerability/vulnerability--c0b24705-87ed-4fbb-abc6-4292e7400f2e.json new file mode 100644 index 00000000000..2c2f2789e8b --- /dev/null +++ b/objects/vulnerability/vulnerability--c0b24705-87ed-4fbb-abc6-4292e7400f2e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--70144142-e360-44b3-9d60-9f3866053e5f", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c0b24705-87ed-4fbb-abc6-4292e7400f2e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.470977Z", + "modified": "2023-11-21T00:16:55.470977Z", + "name": "CVE-2023-47311", + "description": "An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-47311" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c59c61dd-62d8-4325-a675-464c1fc4d79d.json b/objects/vulnerability/vulnerability--c59c61dd-62d8-4325-a675-464c1fc4d79d.json new file mode 100644 index 00000000000..5f27a74dff2 --- /dev/null +++ b/objects/vulnerability/vulnerability--c59c61dd-62d8-4325-a675-464c1fc4d79d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--649bda8c-fdff-4a70-88e4-82c416ee738b", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c59c61dd-62d8-4325-a675-464c1fc4d79d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.976351Z", + "modified": "2023-11-21T00:16:55.976351Z", + "name": "CVE-2023-6142", + "description": "Dev blog v1.0 allows to exploit an XSS through an unrestricted file upload, together with a bad entropy of filenames. With this an attacker can upload a malicious HTML file, then guess the filename of the uploaded file and send it to a potential victim.\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6142" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c7b49e7b-f8de-4e71-a37c-79daffc89883.json b/objects/vulnerability/vulnerability--c7b49e7b-f8de-4e71-a37c-79daffc89883.json new file mode 100644 index 00000000000..1a7653f4c93 --- /dev/null +++ b/objects/vulnerability/vulnerability--c7b49e7b-f8de-4e71-a37c-79daffc89883.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--22a32f87-c420-4dd5-bc85-494162adb485", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c7b49e7b-f8de-4e71-a37c-79daffc89883", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.170787Z", + "modified": "2023-11-21T00:16:57.170787Z", + "name": "CVE-2023-46470", + "description": "Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46470" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--c8e94c06-cdc7-45fb-bf08-29f1f49d2a39.json b/objects/vulnerability/vulnerability--c8e94c06-cdc7-45fb-bf08-29f1f49d2a39.json new file mode 100644 index 00000000000..faf6a33a9c4 --- /dev/null +++ b/objects/vulnerability/vulnerability--c8e94c06-cdc7-45fb-bf08-29f1f49d2a39.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--cfc096c1-5485-4bbf-a4de-3830a4c83f87", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--c8e94c06-cdc7-45fb-bf08-29f1f49d2a39", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.469982Z", + "modified": "2023-11-21T00:16:55.469982Z", + "name": "CVE-2023-47175", + "description": "Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-47175" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cc7d4f69-fddf-4c4b-85e2-218b9f87705d.json b/objects/vulnerability/vulnerability--cc7d4f69-fddf-4c4b-85e2-218b9f87705d.json new file mode 100644 index 00000000000..6d529ad3740 --- /dev/null +++ b/objects/vulnerability/vulnerability--cc7d4f69-fddf-4c4b-85e2-218b9f87705d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--157ff4e4-3b57-4615-8eb3-80e3bd28345a", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cc7d4f69-fddf-4c4b-85e2-218b9f87705d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.158193Z", + "modified": "2023-11-21T00:16:57.158193Z", + "name": "CVE-2023-46990", + "description": "Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-46990" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cd33e5dc-b197-4145-9757-3ca708221265.json b/objects/vulnerability/vulnerability--cd33e5dc-b197-4145-9757-3ca708221265.json new file mode 100644 index 00000000000..55d6ae0aad9 --- /dev/null +++ b/objects/vulnerability/vulnerability--cd33e5dc-b197-4145-9757-3ca708221265.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5e4609fb-1b22-4683-9da9-6a5b25d42f59", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cd33e5dc-b197-4145-9757-3ca708221265", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.830765Z", + "modified": "2023-11-21T00:16:55.830765Z", + "name": "CVE-2023-48293", + "description": "The XWiki Admin Tools Application provides tools to help the administration of XWiki. Prior to version 4.5.1, a cross-site request forgery vulnerability in the query on XWiki tool allows executing arbitrary database queries on the database of the XWiki installation. Among other things, this allows modifying and deleting all data of the wiki. This could be both used to damage the wiki and to create an account with elevated privileges for the attacker, thus impacting the confidentiality, integrity and availability of the whole XWiki instance. A possible attack vector are comments on the wiki, by embedding an image with wiki syntax like `[[image:path:/xwiki/bin/view/Admin/QueryOnXWiki?query=DELETE%20FROM%20xwikidoc]]`, all documents would be deleted from the database when an admin user views this comment. This has been patched in Admin Tools Application 4.5.1 by adding form token checks. Some workarounds are available. The patch can also be applied manually to the affected pages. Alternatively, if the query tool is not needed, by deleting the document `Admin.SQLToolsGroovy`, all database query tools can be deactivated.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48293" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--cda9ecf1-fb52-46ab-8912-da2dd25b486d.json b/objects/vulnerability/vulnerability--cda9ecf1-fb52-46ab-8912-da2dd25b486d.json new file mode 100644 index 00000000000..387c201a97f --- /dev/null +++ b/objects/vulnerability/vulnerability--cda9ecf1-fb52-46ab-8912-da2dd25b486d.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d1566f51-be89-4ebd-9bf2-0007aade3994", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--cda9ecf1-fb52-46ab-8912-da2dd25b486d", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.816369Z", + "modified": "2023-11-21T00:16:55.816369Z", + "name": "CVE-2023-48051", + "description": "An issue in /upydev/keygen.py in upydev v0.4.3 allows attackers to decrypt sensitive information via weak encryption padding.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48051" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d0c839c0-8409-4249-b143-ba9f3705f9de.json b/objects/vulnerability/vulnerability--d0c839c0-8409-4249-b143-ba9f3705f9de.json new file mode 100644 index 00000000000..d2c29831e57 --- /dev/null +++ b/objects/vulnerability/vulnerability--d0c839c0-8409-4249-b143-ba9f3705f9de.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--69a071e1-7b66-4815-80a6-c91c0731c5ca", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d0c839c0-8409-4249-b143-ba9f3705f9de", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.50808Z", + "modified": "2023-11-21T00:16:55.50808Z", + "name": "CVE-2023-47772", + "description": "Contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Slider Revolution <= 6.6.14.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-47772" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--d6d5cb2a-5ed9-4049-8bef-1d568afff34e.json b/objects/vulnerability/vulnerability--d6d5cb2a-5ed9-4049-8bef-1d568afff34e.json new file mode 100644 index 00000000000..ee78c95078d --- /dev/null +++ b/objects/vulnerability/vulnerability--d6d5cb2a-5ed9-4049-8bef-1d568afff34e.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--266844c4-26a8-4a00-8f25-2434501a3c04", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--d6d5cb2a-5ed9-4049-8bef-1d568afff34e", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.527506Z", + "modified": "2023-11-21T00:16:55.527506Z", + "name": "CVE-2023-5509", + "description": "The myStickymenu WordPress plugin before 2.6.5 does not adequately authorize some ajax calls, allowing any logged-in user to perform the actions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5509" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--da62089b-14d6-4ca3-9bdc-314dd8ea9cfb.json b/objects/vulnerability/vulnerability--da62089b-14d6-4ca3-9bdc-314dd8ea9cfb.json new file mode 100644 index 00000000000..d6bdfdcd6b9 --- /dev/null +++ b/objects/vulnerability/vulnerability--da62089b-14d6-4ca3-9bdc-314dd8ea9cfb.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--d57c8a67-5cfd-4834-81fb-58a69f9d7ff2", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--da62089b-14d6-4ca3-9bdc-314dd8ea9cfb", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.805025Z", + "modified": "2023-11-21T00:16:55.805025Z", + "name": "CVE-2023-48192", + "description": "An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48192" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--dcd83285-8e50-4f09-a5ad-2b8c6d9b323a.json b/objects/vulnerability/vulnerability--dcd83285-8e50-4f09-a5ad-2b8c6d9b323a.json new file mode 100644 index 00000000000..e97a5f8d5b7 --- /dev/null +++ b/objects/vulnerability/vulnerability--dcd83285-8e50-4f09-a5ad-2b8c6d9b323a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9bf49026-5260-48c9-84ce-c21e74c9f660", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--dcd83285-8e50-4f09-a5ad-2b8c6d9b323a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.101379Z", + "modified": "2023-11-21T00:16:55.101379Z", + "name": "CVE-2023-38880", + "description": "The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a database backup, the backup is stored in the web root while the file name has a format of \"opensisBackup.sq|\" (e.g. \"opensisBackup07-20-2023.sql\"), i.e. can easily be guessed. This file can be accessed by any unauthenticated actor and contains a dump of the whole database including password hashes.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38880" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e1b2dfca-ef48-47de-9a3e-3c6ef722c07b.json b/objects/vulnerability/vulnerability--e1b2dfca-ef48-47de-9a3e-3c6ef722c07b.json new file mode 100644 index 00000000000..d9fd4beb898 --- /dev/null +++ b/objects/vulnerability/vulnerability--e1b2dfca-ef48-47de-9a3e-3c6ef722c07b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--825e1018-a326-495a-ae15-db1e51100be5", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e1b2dfca-ef48-47de-9a3e-3c6ef722c07b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.530801Z", + "modified": "2023-11-21T00:16:55.530801Z", + "name": "CVE-2023-5609", + "description": "The Seraphinite Accelerator WordPress plugin before 2.2.29 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5609" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--e3d510d6-ca11-4194-929f-de1ad7d1d2ed.json b/objects/vulnerability/vulnerability--e3d510d6-ca11-4194-929f-de1ad7d1d2ed.json new file mode 100644 index 00000000000..fbabb716657 --- /dev/null +++ b/objects/vulnerability/vulnerability--e3d510d6-ca11-4194-929f-de1ad7d1d2ed.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c1469efd-b8f1-422f-a970-c8fbe90d44c6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--e3d510d6-ca11-4194-929f-de1ad7d1d2ed", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:57.021242Z", + "modified": "2023-11-21T00:16:57.021242Z", + "name": "CVE-2023-36013", + "description": "PowerShell Information Disclosure Vulnerability", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-36013" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--eb21c840-6c74-4588-a93f-48c0ab00560b.json b/objects/vulnerability/vulnerability--eb21c840-6c74-4588-a93f-48c0ab00560b.json new file mode 100644 index 00000000000..7a2e77988bf --- /dev/null +++ b/objects/vulnerability/vulnerability--eb21c840-6c74-4588-a93f-48c0ab00560b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--5dec1d36-8d78-425b-b1f0-38067532fb23", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--eb21c840-6c74-4588-a93f-48c0ab00560b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.729333Z", + "modified": "2023-11-21T00:16:55.729333Z", + "name": "CVE-2023-4799", + "description": "The Magic Embeds WordPress plugin through 3.0.10 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-4799" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--ec453fdd-701c-4296-8266-7b361b4a8da7.json b/objects/vulnerability/vulnerability--ec453fdd-701c-4296-8266-7b361b4a8da7.json new file mode 100644 index 00000000000..f72610fbcdc --- /dev/null +++ b/objects/vulnerability/vulnerability--ec453fdd-701c-4296-8266-7b361b4a8da7.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--29a12190-9658-4777-b8e9-951a1f1ccad6", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--ec453fdd-701c-4296-8266-7b361b4a8da7", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:56.202764Z", + "modified": "2023-11-21T00:16:56.202764Z", + "name": "CVE-2023-3116", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-3116" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f0c5aa86-cb51-4290-bafd-950749742a4c.json b/objects/vulnerability/vulnerability--f0c5aa86-cb51-4290-bafd-950749742a4c.json new file mode 100644 index 00000000000..579c703a997 --- /dev/null +++ b/objects/vulnerability/vulnerability--f0c5aa86-cb51-4290-bafd-950749742a4c.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--9eed2af8-7f50-4472-9750-95edea0cd071", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f0c5aa86-cb51-4290-bafd-950749742a4c", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.834655Z", + "modified": "2023-11-21T00:16:55.834655Z", + "name": "CVE-2023-48221", + "description": "wire-avs provides Audio, Visual, and Signaling (AVS) functionality sure the secure messaging software Wire. Prior to versions 9.2.22 and 9.3.5, a remote format string vulnerability could potentially allow an attacker to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs 9.2.22 & 9.3.5 and is already included on all Wire products. No known workarounds are available.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48221" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f1099024-204a-4272-86cf-1653d802b4b9.json b/objects/vulnerability/vulnerability--f1099024-204a-4272-86cf-1653d802b4b9.json new file mode 100644 index 00000000000..6b33842ad20 --- /dev/null +++ b/objects/vulnerability/vulnerability--f1099024-204a-4272-86cf-1653d802b4b9.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--c7a40f7a-7736-4186-8a78-8679e22b7756", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f1099024-204a-4272-86cf-1653d802b4b9", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.802766Z", + "modified": "2023-11-21T00:16:55.802766Z", + "name": "CVE-2023-48310", + "description": "TestingPlatform is a testing platform for Internet Security Standards. Prior to version 2.1.1, user input is not filtered correctly. Nmap options are accepted. In this particular case, the option to create log files is accepted in addition to a host name (and even without). A log file is created at the location specified. These files are created as root. If the file exists, the existing file is being rendered useless. This can result in denial of service. Version 2.1.1 contains a patch for this issue.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-48310" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f4451461-ba85-4444-980d-2f033b44b12a.json b/objects/vulnerability/vulnerability--f4451461-ba85-4444-980d-2f033b44b12a.json new file mode 100644 index 00000000000..5a3e0980438 --- /dev/null +++ b/objects/vulnerability/vulnerability--f4451461-ba85-4444-980d-2f033b44b12a.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--50656218-814a-4174-b8af-6800ade6e412", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f4451461-ba85-4444-980d-2f033b44b12a", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.518214Z", + "modified": "2023-11-21T00:16:55.518214Z", + "name": "CVE-2023-5610", + "description": "The Seraphinite Accelerator WordPress plugin before 2.2.29 does not validate the URL to redirect any authenticated user to, leading to an arbitrary redirect", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-5610" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f46a1f91-6dc6-4b8a-9863-f6dd66a61b0f.json b/objects/vulnerability/vulnerability--f46a1f91-6dc6-4b8a-9863-f6dd66a61b0f.json new file mode 100644 index 00000000000..0a1b9f58c23 --- /dev/null +++ b/objects/vulnerability/vulnerability--f46a1f91-6dc6-4b8a-9863-f6dd66a61b0f.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--7cd9a060-3d4d-45ee-a51d-8fc372801c62", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f46a1f91-6dc6-4b8a-9863-f6dd66a61b0f", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.962045Z", + "modified": "2023-11-21T00:16:55.962045Z", + "name": "CVE-2023-6045", + "description": "in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through type confusion.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6045" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--f52bc8c4-9457-4caf-af8c-2cbc5d7f339b.json b/objects/vulnerability/vulnerability--f52bc8c4-9457-4caf-af8c-2cbc5d7f339b.json new file mode 100644 index 00000000000..ab9b8193a04 --- /dev/null +++ b/objects/vulnerability/vulnerability--f52bc8c4-9457-4caf-af8c-2cbc5d7f339b.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--bce6aaa5-05cb-41b7-b26b-ce13ee5d8f52", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--f52bc8c4-9457-4caf-af8c-2cbc5d7f339b", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.966002Z", + "modified": "2023-11-21T00:16:55.966002Z", + "name": "CVE-2023-6062", + "description": "\nAn arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus Rules variables to overwrite arbitrary files on the remote host, which could lead to a denial of service condition. \n\n", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-6062" + } + ] + } + ] +} \ No newline at end of file diff --git a/objects/vulnerability/vulnerability--fa4104be-dfcb-4167-95d0-1fb4ebd012cc.json b/objects/vulnerability/vulnerability--fa4104be-dfcb-4167-95d0-1fb4ebd012cc.json new file mode 100644 index 00000000000..cb0a61188b6 --- /dev/null +++ b/objects/vulnerability/vulnerability--fa4104be-dfcb-4167-95d0-1fb4ebd012cc.json @@ -0,0 +1,22 @@ +{ + "type": "bundle", + "id": "bundle--1e4c8e18-06be-41c6-b3c6-c276de98af42", + "objects": [ + { + "type": "vulnerability", + "spec_version": "2.1", + "id": "vulnerability--fa4104be-dfcb-4167-95d0-1fb4ebd012cc", + "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a", + "created": "2023-11-21T00:16:55.128699Z", + "modified": "2023-11-21T00:16:55.128699Z", + "name": "CVE-2023-38883", + "description": "A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'ajax' parameter in 'ParentLookup.php'.", + "external_references": [ + { + "source_name": "cve", + "external_id": "CVE-2023-38883" + } + ] + } + ] +} \ No newline at end of file