diff --git a/2023/46xxx/CVE-2023-46627.json b/2023/46xxx/CVE-2023-46627.json
index c780e749e3d..5438152c4ad 100644
--- a/2023/46xxx/CVE-2023-46627.json
+++ b/2023/46xxx/CVE-2023-46627.json
@@ -1,18 +1,77 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46627",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "audit@patchstack.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <=\u00a02.1 versions."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
+ "cweId": "CWE-79"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Ashish Ajani",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "WordPress Simple HTML Sitemap",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "n/a",
+ "version_value": "2.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://patchstack.com/database/vulnerability/wp-simple-html-sitemap/wordpress-wordpress-simple-html-sitemap-plugin-2-1-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
+ "refsource": "MISC",
+ "name": "https://patchstack.com/database/vulnerability/wp-simple-html-sitemap/wordpress-wordpress-simple-html-sitemap-plugin-2-1-cross-site-scripting-xss-vulnerability-2?_s_id=cve"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Le Ngoc Anh (Patchstack Alliance)"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/46xxx/CVE-2023-46640.json b/2023/46xxx/CVE-2023-46640.json
index 230ba1fc6ea..a62fdafe584 100644
--- a/2023/46xxx/CVE-2023-46640.json
+++ b/2023/46xxx/CVE-2023-46640.json
@@ -1,18 +1,105 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46640",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "audit@patchstack.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <=\u00a01.3.9 versions."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
+ "cweId": "CWE-79"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "D. Relton",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Medialist",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "not down converted",
+ "x_cve_json_5_version_data": {
+ "versions": [
+ {
+ "changes": [
+ {
+ "at": "1.4.0",
+ "status": "unaffected"
+ }
+ ],
+ "lessThanOrEqual": "1.3.9",
+ "status": "affected",
+ "version": "n/a",
+ "versionType": "custom"
+ }
+ ],
+ "defaultStatus": "unaffected"
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://patchstack.com/database/vulnerability/media-list/wordpress-medialist-plugin-1-3-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
+ "refsource": "MISC",
+ "name": "https://patchstack.com/database/vulnerability/media-list/wordpress-medialist-plugin-1-3-9-cross-site-scripting-xss-vulnerability?_s_id=cve"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Update to 1.4.0 or a higher version."
+ }
+ ],
+ "value": "Update to\u00a01.4.0 or a higher version."
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Tien from VNPT-VCI (Patchstack Alliance)"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/46xxx/CVE-2023-46642.json b/2023/46xxx/CVE-2023-46642.json
index 62213b13048..f2e839ed55b 100644
--- a/2023/46xxx/CVE-2023-46642.json
+++ b/2023/46xxx/CVE-2023-46642.json
@@ -1,18 +1,77 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46642",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "audit@patchstack.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <=\u00a01.2.2 versions."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
+ "cweId": "CWE-79"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "sahumedia",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "SAHU TikTok Pixel for E-Commerce",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "n/a",
+ "version_value": "1.2.2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://patchstack.com/database/vulnerability/sahu-tiktok-pixel/wordpress-sahu-tiktok-pixel-for-e-commerce-plugin-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
+ "refsource": "MISC",
+ "name": "https://patchstack.com/database/vulnerability/sahu-tiktok-pixel/wordpress-sahu-tiktok-pixel-for-e-commerce-plugin-1-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Rio Darmawan (Patchstack Alliance)"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/46xxx/CVE-2023-46643.json b/2023/46xxx/CVE-2023-46643.json
index 91e01bd0bf9..ecc74f5fefe 100644
--- a/2023/46xxx/CVE-2023-46643.json
+++ b/2023/46xxx/CVE-2023-46643.json
@@ -1,18 +1,77 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-46643",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "audit@patchstack.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <=\u00a03.2.0 versions."
}
]
- }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
+ "cweId": "CWE-79"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "GARY JEZORSKI",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "CloudNet360",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "n/a",
+ "version_value": "3.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://patchstack.com/database/vulnerability/cloudnet-sync/wordpress-cloudnet360-plugin-3-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
+ "refsource": "MISC",
+ "name": "https://patchstack.com/database/vulnerability/cloudnet-sync/wordpress-cloudnet360-plugin-3-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Nithissh S (Patchstack Alliance)"
+ }
+ ]
}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47379.json b/2023/47xxx/CVE-2023-47379.json
index bd640764a40..86d1abbaec0 100644
--- a/2023/47xxx/CVE-2023-47379.json
+++ b/2023/47xxx/CVE-2023-47379.json
@@ -1,17 +1,71 @@
{
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
- "ID": "CVE-2023-47379",
"ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ID": "CVE-2023-47379",
+ "STATE": "PUBLIC"
},
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/",
+ "refsource": "MISC",
+ "name": "https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/"
+ },
+ {
+ "url": "https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00",
+ "refsource": "MISC",
+ "name": "https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00"
+ },
+ {
+ "url": "https://github.com/microweber/microweber/blob/master/CHANGELOG.md",
+ "refsource": "MISC",
+ "name": "https://github.com/microweber/microweber/blob/master/CHANGELOG.md"
}
]
}
diff --git a/2023/47xxx/CVE-2023-47679.json b/2023/47xxx/CVE-2023-47679.json
new file mode 100644
index 00000000000..595c3ed195f
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47679.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47679",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47680.json b/2023/47xxx/CVE-2023-47680.json
new file mode 100644
index 00000000000..4840d54b3ed
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47680.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47680",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47681.json b/2023/47xxx/CVE-2023-47681.json
new file mode 100644
index 00000000000..d0326674606
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47681.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47681",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47682.json b/2023/47xxx/CVE-2023-47682.json
new file mode 100644
index 00000000000..c752f2f7e09
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47682.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47682",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47683.json b/2023/47xxx/CVE-2023-47683.json
new file mode 100644
index 00000000000..beefdd19be2
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47683.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47683",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47684.json b/2023/47xxx/CVE-2023-47684.json
new file mode 100644
index 00000000000..d70a746d911
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47684.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47684",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47685.json b/2023/47xxx/CVE-2023-47685.json
new file mode 100644
index 00000000000..1074c97d76e
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47685.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47685",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47686.json b/2023/47xxx/CVE-2023-47686.json
new file mode 100644
index 00000000000..624cea35588
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47686.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47686",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47687.json b/2023/47xxx/CVE-2023-47687.json
new file mode 100644
index 00000000000..0ad1baf59b7
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47687.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47687",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/47xxx/CVE-2023-47688.json b/2023/47xxx/CVE-2023-47688.json
new file mode 100644
index 00000000000..6cd6c75ff13
--- /dev/null
+++ b/2023/47xxx/CVE-2023-47688.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-47688",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2023/5xxx/CVE-2023-5760.json b/2023/5xxx/CVE-2023-5760.json
index aa06d78af3b..461c8b09a9e 100644
--- a/2023/5xxx/CVE-2023-5760.json
+++ b/2023/5xxx/CVE-2023-5760.json
@@ -1,17 +1,106 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5760",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@nortonlifelock.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "A time-of-check to time-of-use (TOCTOU) bug in handling of IOCTL (input/output control) requests. This TOCTOU bug leads to an out-of-bounds write vulnerability which can be further exploited, allowing an attacker to gain full local privilege escalation on the system.This issue affects Avast/Avg Antivirus: 23.8.\n\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
+ "cweId": "CWE-367"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Avast/AVG",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Avast/Avg Antivirus",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": " 23.8"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://support.norton.com/sp/static/external/tools/security-advisories.html",
+ "refsource": "MISC",
+ "name": "https://support.norton.com/sp/static/external/tools/security-advisories.html"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "We encourage customers to ensure their security software is always updated to the latest version available.
"
+ }
+ ],
+ "value": "We encourage customers to ensure their security software is always updated to the latest version available.\n"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Wei Sheng Teo of Ensign InfoSecurity|"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "PHYSICAL",
+ "availabilityImpact": "NONE",
+ "baseScore": 0,
+ "baseSeverity": "NONE",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2023/5xxx/CVE-2023-5913.json b/2023/5xxx/CVE-2023-5913.json
index 50cbf4a9d8a..e6d5efd2d9b 100644
--- a/2023/5xxx/CVE-2023-5913.json
+++ b/2023/5xxx/CVE-2023-5913.json
@@ -1,17 +1,124 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5913",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@opentext.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Incorrect Privilege Assignment vulnerability in opentext Fortify ScanCentral DAST. The\u00a0vulnerability could be exploited to gain elevated privileges.This issue affects Fortify ScanCentral DAST versions 21.1, 21.2, 21.2.1, 22.1, 22.1.1, 22.2, 23.1.\n\n"
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-266 Incorrect Privilege Assignment",
+ "cweId": "CWE-266"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "opentext",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Fortify ScanCentral DAST",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "21.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "21.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "21.2.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "22.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "22.1.1"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "22.2"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "23.1"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://portal.microfocus.com/s/article/KM000023500?language=en_US",
+ "refsource": "MISC",
+ "name": "https://portal.microfocus.com/s/article/KM000023500?language=en_US"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.1.0-dev"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "\n\nportal.microfocus.com/s/article/KM000023500?language=en_US\n\n
"
+ }
+ ],
+ "value": "\n portal.microfocus.com/s/article/KM000023500?language=en_US https://portal.microfocus.com/s/article/KM000023500 \n\n\n"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 8.2,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2023/6xxx/CVE-2023-6035.json b/2023/6xxx/CVE-2023-6035.json
new file mode 100644
index 00000000000..e9cee32c46d
--- /dev/null
+++ b/2023/6xxx/CVE-2023-6035.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2023-6035",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file