diff --git a/2013/10xxx/CVE-2013-10023.json b/2013/10xxx/CVE-2013-10023.json new file mode 100644 index 00000000000..61519cfe30c --- /dev/null +++ b/2013/10xxx/CVE-2013-10023.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2013-10023", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/10xxx/CVE-2015-10098.json b/2015/10xxx/CVE-2015-10098.json new file mode 100644 index 00000000000..17c121e3f69 --- /dev/null +++ b/2015/10xxx/CVE-2015-10098.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-10098", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36713.json b/2021/36xxx/CVE-2021-36713.json index 34e7df27cca..997e771c432 100644 --- a/2021/36xxx/CVE-2021-36713.json +++ b/2021/36xxx/CVE-2021-36713.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://gist.github.com/walhajri/711af9b62f6fb25e66a5d9a490deab98", "url": "https://gist.github.com/walhajri/711af9b62f6fb25e66a5d9a490deab98" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0003/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0003/" } ] } diff --git a/2022/3xxx/CVE-2022-3424.json b/2022/3xxx/CVE-2022-3424.json index fcc5281bcff..630875db128 100644 --- a/2022/3xxx/CVE-2022-3424.json +++ b/2022/3xxx/CVE-2022-3424.json @@ -63,6 +63,11 @@ "refsource": "MISC", "name": "https://www.spinics.net/lists/kernel/msg4518970.html", "url": "https://www.spinics.net/lists/kernel/msg4518970.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0005/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0005/" } ] }, diff --git a/2022/3xxx/CVE-2022-3857.json b/2022/3xxx/CVE-2022-3857.json index c2f826a1584..006df7fafb5 100644 --- a/2022/3xxx/CVE-2022-3857.json +++ b/2022/3xxx/CVE-2022-3857.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://sourceforge.net/p/libpng/bugs/300/", "url": "https://sourceforge.net/p/libpng/bugs/300/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0004/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0004/" } ] }, diff --git a/2022/46xxx/CVE-2022-46793.json b/2022/46xxx/CVE-2022-46793.json index 624ef0409a2..969e44ae12c 100644 --- a/2022/46xxx/CVE-2022-46793.json +++ b/2022/46xxx/CVE-2022-46793.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-46793", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in AdTribes.Io Product Feed PRO for WooCommerce plugin <= 12.4.4 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "AdTribes.io", + "product": { + "product_data": [ + { + "product_name": "Product Feed PRO for WooCommerce", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "12.4.5", + "status": "unaffected" + } + ], + "lessThanOrEqual": "12.4.4", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/woo-product-feed-pro/wordpress-product-feed-pro-for-woocommerce-plugin-12-3-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/woo-product-feed-pro/wordpress-product-feed-pro-for-woocommerce-plugin-12-3-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 12.4.5 or a higher version." + } + ], + "value": "Update to\u00a012.4.5 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Muhammad Daffa (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/0xxx/CVE-2023-0225.json b/2023/0xxx/CVE-2023-0225.json index 81e73339281..d5156eb17cd 100644 --- a/2023/0xxx/CVE-2023-0225.json +++ b/2023/0xxx/CVE-2023-0225.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2023-0225.html", "url": "https://www.samba.org/samba/security/CVE-2023-0225.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0007/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0007/" } ] }, diff --git a/2023/0xxx/CVE-2023-0614.json b/2023/0xxx/CVE-2023-0614.json index fd929a857f1..aaa1be0b264 100644 --- a/2023/0xxx/CVE-2023-0614.json +++ b/2023/0xxx/CVE-2023-0614.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2023-0614.html", "url": "https://www.samba.org/samba/security/CVE-2023-0614.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0007/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0007/" } ] }, diff --git a/2023/0xxx/CVE-2023-0922.json b/2023/0xxx/CVE-2023-0922.json index 5f80206d344..f8296ea3cc3 100644 --- a/2023/0xxx/CVE-2023-0922.json +++ b/2023/0xxx/CVE-2023-0922.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.samba.org/samba/security/CVE-2023-0922.html", "url": "https://www.samba.org/samba/security/CVE-2023-0922.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0007/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0007/" } ] }, diff --git a/2023/1xxx/CVE-2023-1908.json b/2023/1xxx/CVE-2023-1908.json new file mode 100644 index 00000000000..088d94a0a2a --- /dev/null +++ b/2023/1xxx/CVE-2023-1908.json @@ -0,0 +1,106 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2023-1908", + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability was found in SourceCodester Simple Mobile Comparison Website 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/categories/view_category.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-225150 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in SourceCodester Simple Mobile Comparison Website 1.0 ausgemacht. Es betrifft eine unbekannte Funktion der Datei /admin/categories/view_category.php der Komponente GET Parameter Handler. Mit der Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Simple Mobile Comparison Website", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.225150", + "refsource": "MISC", + "name": "https://vuldb.com/?id.225150" + }, + { + "url": "https://vuldb.com/?ctiid.225150", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.225150" + }, + { + "url": "https://github.com/Kerkong/bug_report/blob/main/SQLi-1.md", + "refsource": "MISC", + "name": "https://github.com/Kerkong/bug_report/blob/main/SQLi-1.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Zhang RuiMing (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseSeverity": "MEDIUM" + } + ] + } +} \ No newline at end of file diff --git a/2023/1xxx/CVE-2023-1909.json b/2023/1xxx/CVE-2023-1909.json new file mode 100644 index 00000000000..13056f9c33e --- /dev/null +++ b/2023/1xxx/CVE-2023-1909.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-1909", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/23xxx/CVE-2023-23801.json b/2023/23xxx/CVE-2023-23801.json index 2c4dc70a9a4..cebcb1c2b11 100644 --- a/2023/23xxx/CVE-2023-23801.json +++ b/2023/23xxx/CVE-2023-23801.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-23801", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in HasThemes Really Simple Google Tag Manager plugin <= 1.0.6 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "HasThemes", + "product": { + "product_data": [ + { + "product_name": "Really Simple Google Tag Manager", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "1.0.7", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.0.6", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/really-simple-google-tag-manager/wordpress-really-simple-google-tag-manager-plugin-1-0-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/really-simple-google-tag-manager/wordpress-really-simple-google-tag-manager-plugin-1-0-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 1.0.7 or a higher version." + } + ], + "value": "Update to\u00a01.0.7 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Lana Codes (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/26xxx/CVE-2023-26242.json b/2023/26xxx/CVE-2023-26242.json index c3f5d28c902..d327f7c5b3f 100644 --- a/2023/26xxx/CVE-2023-26242.json +++ b/2023/26xxx/CVE-2023-26242.json @@ -56,6 +56,11 @@ "url": "https://patchwork.kernel.org/project/linux-fpga/patch/20230206054326.89323-1-k1rh4.lee@gmail.com", "refsource": "MISC", "name": "https://patchwork.kernel.org/project/linux-fpga/patch/20230206054326.89323-1-k1rh4.lee@gmail.com" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0002/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0002/" } ] } diff --git a/2023/27xxx/CVE-2023-27567.json b/2023/27xxx/CVE-2023-27567.json index 4e4e07f5462..b6177475c25 100644 --- a/2023/27xxx/CVE-2023-27567.json +++ b/2023/27xxx/CVE-2023-27567.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/openbsd/src/commit/0a543725ccdd2a01669122ce79bb67e66ede77f2", "url": "https://github.com/openbsd/src/commit/0a543725ccdd2a01669122ce79bb67e66ede77f2" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20230406-0001/", + "url": "https://security.netapp.com/advisory/ntap-20230406-0001/" } ] } diff --git a/2023/29xxx/CVE-2023-29437.json b/2023/29xxx/CVE-2023-29437.json new file mode 100644 index 00000000000..caf934bae84 --- /dev/null +++ b/2023/29xxx/CVE-2023-29437.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-29437", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/29xxx/CVE-2023-29438.json b/2023/29xxx/CVE-2023-29438.json new file mode 100644 index 00000000000..af29bb77e00 --- /dev/null +++ b/2023/29xxx/CVE-2023-29438.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-29438", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/29xxx/CVE-2023-29439.json b/2023/29xxx/CVE-2023-29439.json new file mode 100644 index 00000000000..d1d517d28a7 --- /dev/null +++ b/2023/29xxx/CVE-2023-29439.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-29439", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/29xxx/CVE-2023-29440.json b/2023/29xxx/CVE-2023-29440.json new file mode 100644 index 00000000000..33176b397d9 --- /dev/null +++ b/2023/29xxx/CVE-2023-29440.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-29440", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/29xxx/CVE-2023-29441.json b/2023/29xxx/CVE-2023-29441.json new file mode 100644 index 00000000000..e72122d34da --- /dev/null +++ b/2023/29xxx/CVE-2023-29441.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-29441", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file