diff --git a/2023/24xxx/CVE-2023-24229.json b/2023/24xxx/CVE-2023-24229.json index 65bd849365a..ddae894ff01 100644 --- a/2023/24xxx/CVE-2023-24229.json +++ b/2023/24xxx/CVE-2023-24229.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter." + "value": "** UNSUPPORTED WHEN ASSIGNED ** DrayTek Vigor2960 v1.5.1.4 allows an authenticated attacker with network access to the web management interface to inject operating system commands via the mainfunction.cgi 'parameter' parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." } ] }, @@ -76,6 +76,11 @@ "refsource": "MISC", "name": "https://www.draytek.com/support/knowledge-base/5465", "url": "https://www.draytek.com/support/knowledge-base/5465" + }, + { + "refsource": "MISC", + "name": "https://www.draytek.com/about/newsroom/2021/2021/end-of-life-notification-vigor2960", + "url": "https://www.draytek.com/about/newsroom/2021/2021/end-of-life-notification-vigor2960" } ] } diff --git a/2023/30xxx/CVE-2023-30496.json b/2023/30xxx/CVE-2023-30496.json index da35f40a360..192683db20d 100644 --- a/2023/30xxx/CVE-2023-30496.json +++ b/2023/30xxx/CVE-2023-30496.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-30496", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MagePeople Team WpBusTicketly plugin <=\u00a05.2.5 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "MagePeople Team", + "product": { + "product_data": [ + { + "product_name": "WpBusTicketly", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "5.2.6", + "status": "unaffected" + } + ], + "lessThanOrEqual": "5.2.5", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/bus-ticket-booking-with-seat-reservation/wordpress-bus-ticket-booking-with-seat-reservation-plugin-5-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/bus-ticket-booking-with-seat-reservation/wordpress-bus-ticket-booking-with-seat-reservation-plugin-5-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 5.2.6 or a higher version." + } + ], + "value": "Update to\u00a05.2.6 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Ivy - TOOR, LISA (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/36xxx/CVE-2023-36017.json b/2023/36xxx/CVE-2023-36017.json index 865442c9026..3950a625c50 100644 --- a/2023/36xxx/CVE-2023-36017.json +++ b/2023/36xxx/CVE-2023-36017.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -257,7 +257,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -281,7 +281,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36025.json b/2023/36xxx/CVE-2023-36025.json index 72e1257d325..0b15ca945e3 100644 --- a/2023/36xxx/CVE-2023-36025.json +++ b/2023/36xxx/CVE-2023-36025.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36028.json b/2023/36xxx/CVE-2023-36028.json index 8492be866c0..664795a1f15 100644 --- a/2023/36xxx/CVE-2023-36028.json +++ b/2023/36xxx/CVE-2023-36028.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36033.json b/2023/36xxx/CVE-2023-36033.json index 841dd14e5bc..9d25ecce31d 100644 --- a/2023/36xxx/CVE-2023-36033.json +++ b/2023/36xxx/CVE-2023-36033.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36036.json b/2023/36xxx/CVE-2023-36036.json index dc1516bb92c..dd71c2a806d 100644 --- a/2023/36xxx/CVE-2023-36036.json +++ b/2023/36xxx/CVE-2023-36036.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -293,7 +293,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -317,7 +317,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36046.json b/2023/36xxx/CVE-2023-36046.json index ced4b0ba2d9..1dfd9406827 100644 --- a/2023/36xxx/CVE-2023-36046.json +++ b/2023/36xxx/CVE-2023-36046.json @@ -65,7 +65,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -77,7 +77,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36047.json b/2023/36xxx/CVE-2023-36047.json index 56fa24c0326..c6da26d2f12 100644 --- a/2023/36xxx/CVE-2023-36047.json +++ b/2023/36xxx/CVE-2023-36047.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36393.json b/2023/36xxx/CVE-2023-36393.json index fa0e47d75d8..c9719493837 100644 --- a/2023/36xxx/CVE-2023-36393.json +++ b/2023/36xxx/CVE-2023-36393.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36394.json b/2023/36xxx/CVE-2023-36394.json index 85b870d70b8..e3fd0cf87ed 100644 --- a/2023/36xxx/CVE-2023-36394.json +++ b/2023/36xxx/CVE-2023-36394.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } diff --git a/2023/36xxx/CVE-2023-36396.json b/2023/36xxx/CVE-2023-36396.json index 6feaa5f7d54..62ff0d271d6 100644 --- a/2023/36xxx/CVE-2023-36396.json +++ b/2023/36xxx/CVE-2023-36396.json @@ -53,7 +53,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -65,7 +65,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36397.json b/2023/36xxx/CVE-2023-36397.json index f3066281485..1163f1a5358 100644 --- a/2023/36xxx/CVE-2023-36397.json +++ b/2023/36xxx/CVE-2023-36397.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36398.json b/2023/36xxx/CVE-2023-36398.json index 3b3a096360f..f7b19e31794 100644 --- a/2023/36xxx/CVE-2023-36398.json +++ b/2023/36xxx/CVE-2023-36398.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -233,7 +233,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -257,7 +257,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36399.json b/2023/36xxx/CVE-2023-36399.json index 365642a875e..7809600abf6 100644 --- a/2023/36xxx/CVE-2023-36399.json +++ b/2023/36xxx/CVE-2023-36399.json @@ -89,7 +89,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36400.json b/2023/36xxx/CVE-2023-36400.json index c94955de860..76760c93b68 100644 --- a/2023/36xxx/CVE-2023-36400.json +++ b/2023/36xxx/CVE-2023-36400.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36401.json b/2023/36xxx/CVE-2023-36401.json index f9a3519ca9c..d4d7c0eb86f 100644 --- a/2023/36xxx/CVE-2023-36401.json +++ b/2023/36xxx/CVE-2023-36401.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36402.json b/2023/36xxx/CVE-2023-36402.json index 11ac304c19d..fb70a4d2c80 100644 --- a/2023/36xxx/CVE-2023-36402.json +++ b/2023/36xxx/CVE-2023-36402.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36403.json b/2023/36xxx/CVE-2023-36403.json index 93a75885134..9b2ac253714 100644 --- a/2023/36xxx/CVE-2023-36403.json +++ b/2023/36xxx/CVE-2023-36403.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36404.json b/2023/36xxx/CVE-2023-36404.json index 04ee3945ec2..04f8f268e50 100644 --- a/2023/36xxx/CVE-2023-36404.json +++ b/2023/36xxx/CVE-2023-36404.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36405.json b/2023/36xxx/CVE-2023-36405.json index 6017f56621f..9e0d0fa2711 100644 --- a/2023/36xxx/CVE-2023-36405.json +++ b/2023/36xxx/CVE-2023-36405.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36406.json b/2023/36xxx/CVE-2023-36406.json index 979e5a7accb..61656718148 100644 --- a/2023/36xxx/CVE-2023-36406.json +++ b/2023/36xxx/CVE-2023-36406.json @@ -77,7 +77,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -89,7 +89,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36407.json b/2023/36xxx/CVE-2023-36407.json index b317f55e0ed..79c37e772a3 100644 --- a/2023/36xxx/CVE-2023-36407.json +++ b/2023/36xxx/CVE-2023-36407.json @@ -77,7 +77,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -89,7 +89,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36408.json b/2023/36xxx/CVE-2023-36408.json index fd7783388f0..989c0fabdbd 100644 --- a/2023/36xxx/CVE-2023-36408.json +++ b/2023/36xxx/CVE-2023-36408.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36423.json b/2023/36xxx/CVE-2023-36423.json index 4e017201646..03277354f34 100644 --- a/2023/36xxx/CVE-2023-36423.json +++ b/2023/36xxx/CVE-2023-36423.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36424.json b/2023/36xxx/CVE-2023-36424.json index 4d02c1b429f..488e635b2c0 100644 --- a/2023/36xxx/CVE-2023-36424.json +++ b/2023/36xxx/CVE-2023-36424.json @@ -41,7 +41,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -65,7 +65,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } diff --git a/2023/36xxx/CVE-2023-36425.json b/2023/36xxx/CVE-2023-36425.json index 93136b08383..da5653e522b 100644 --- a/2023/36xxx/CVE-2023-36425.json +++ b/2023/36xxx/CVE-2023-36425.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36427.json b/2023/36xxx/CVE-2023-36427.json index 4cbb7ee41d4..9e485f7bb60 100644 --- a/2023/36xxx/CVE-2023-36427.json +++ b/2023/36xxx/CVE-2023-36427.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36428.json b/2023/36xxx/CVE-2023-36428.json index d3f395b35b9..18386bb5038 100644 --- a/2023/36xxx/CVE-2023-36428.json +++ b/2023/36xxx/CVE-2023-36428.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36705.json b/2023/36xxx/CVE-2023-36705.json index 51a917b0940..4f07c04db08 100644 --- a/2023/36xxx/CVE-2023-36705.json +++ b/2023/36xxx/CVE-2023-36705.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/36xxx/CVE-2023-36719.json b/2023/36xxx/CVE-2023-36719.json index 2db029b9116..31774cc0f1b 100644 --- a/2023/36xxx/CVE-2023-36719.json +++ b/2023/36xxx/CVE-2023-36719.json @@ -101,7 +101,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.19041.3693" + "version_value": "10.0.19043.3693" } ] } @@ -137,7 +137,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } @@ -149,7 +149,7 @@ { "version_affected": "<", "version_name": "10.0.0", - "version_value": "10.0.22621.2715" + "version_value": "10.0.22631.2715" } ] } diff --git a/2023/47xxx/CVE-2023-47759.json b/2023/47xxx/CVE-2023-47759.json index da9855c0238..53bad7b05ee 100644 --- a/2023/47xxx/CVE-2023-47759.json +++ b/2023/47xxx/CVE-2023-47759.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-47759", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Premio Chaty plugin <=\u00a03.1.2 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Premio", + "product": { + "product_data": [ + { + "product_name": "Chaty", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "3.1.3", + "status": "unaffected" + } + ], + "lessThanOrEqual": "3.1.2", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/chaty/wordpress-chaty-plugin-3-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/chaty/wordpress-chaty-plugin-3-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 3.1.3 or a higher version." + } + ], + "value": "Update to\u00a03.1.3 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "emad (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/47xxx/CVE-2023-47824.json b/2023/47xxx/CVE-2023-47824.json index 65fe49bd962..889ba037bb1 100644 --- a/2023/47xxx/CVE-2023-47824.json +++ b/2023/47xxx/CVE-2023-47824.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-47824", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages \u2013 Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator plugin <=\u00a01.3.8 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "wpWax", + "product": { + "product_data": [ + { + "product_name": "Legal Pages \u2013 Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "1.3.9", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.3.8", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/legal-pages/wordpress-legal-pages-plugin-1-3-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/legal-pages/wordpress-legal-pages-plugin-1-3-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 1.3.9 or a higher version." + } + ], + "value": "Update to\u00a01.3.9 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Brandon Roldan (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L", + "version": "3.1" } ] } diff --git a/2023/47xxx/CVE-2023-47825.json b/2023/47xxx/CVE-2023-47825.json index cd863643b00..88035865ec8 100644 --- a/2023/47xxx/CVE-2023-47825.json +++ b/2023/47xxx/CVE-2023-47825.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-47825", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra plugin <=\u00a06.4 versions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-352 Cross-Site Request Forgery (CSRF)", + "cweId": "CWE-352" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TienCOP", + "product": { + "product_data": [ + { + "product_name": "WP EXtra", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "6.5", + "status": "unaffected" + } + ], + "lessThanOrEqual": "6.4", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-extra/wordpress-wp-extra-plugin-6-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/wp-extra/wordpress-wp-extra-plugin-6-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 6.5 or a higher version." + } + ], + "value": "Update to\u00a06.5 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Huynh Tien Si (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2023/49xxx/CVE-2023-49145.json b/2023/49xxx/CVE-2023-49145.json new file mode 100644 index 00000000000..4a47909921e --- /dev/null +++ b/2023/49xxx/CVE-2023-49145.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-49145", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2023/6xxx/CVE-2023-6265.json b/2023/6xxx/CVE-2023-6265.json new file mode 100644 index 00000000000..12b3c796605 --- /dev/null +++ b/2023/6xxx/CVE-2023-6265.json @@ -0,0 +1,103 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2023-6265", + "ASSIGNER": "cve@mitre.org", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** UNSUPPPORTED WHEN ASSIGNED ** Draytek Vigor2960 v1.5.1.4 and v1.5.1.5 are vulnerable to directory traversal via the mainfunction.cgi dumpSyslog 'option' parameter allowing an authenticated attacker with access to the web management interface to delete arbitrary files. Vigor2960 is no longer supported." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Path Traversal", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "DrayTek", + "product": { + "product_data": [ + { + "product_name": "Vigor2960", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.5.1.4" + }, + { + "version_affected": "=", + "version_value": "1.5.1.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md", + "refsource": "MISC", + "name": "https://github.com/xxy1126/Vuln/blob/main/Draytek/4.md" + }, + { + "url": "https://www.draytek.com/products/vigor2960/", + "refsource": "MISC", + "name": "https://www.draytek.com/products/vigor2960/" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Tmotfl (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0066.json b/2024/0xxx/CVE-2024-0066.json new file mode 100644 index 00000000000..cac92d51618 --- /dev/null +++ b/2024/0xxx/CVE-2024-0066.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0066", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/0xxx/CVE-2024-0067.json b/2024/0xxx/CVE-2024-0067.json new file mode 100644 index 00000000000..e9ca0b635a2 --- /dev/null +++ b/2024/0xxx/CVE-2024-0067.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-0067", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file