From 00874a04ede35896060d0f352d1c60f5ea015f10 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 25 May 2023 22:00:29 +0000 Subject: [PATCH] Auto-Update: 2023-05-25T22:00:25.809465+00:00 --- CVE-2017/CVE-2017-60xx/CVE-2017-6059.json | 6 +- CVE-2017/CVE-2017-60xx/CVE-2017-6062.json | 6 +- CVE-2017/CVE-2017-64xx/CVE-2017-6413.json | 6 +- .../CVE-2019-10102xx/CVE-2019-1010247.json | 6 +- CVE-2019/CVE-2019-148xx/CVE-2019-14857.json | 6 +- CVE-2019/CVE-2019-204xx/CVE-2019-20479.json | 6 +- CVE-2021/CVE-2021-207xx/CVE-2021-20718.json | 6 +- CVE-2021/CVE-2021-327xx/CVE-2021-32785.json | 6 +- CVE-2021/CVE-2021-327xx/CVE-2021-32786.json | 6 +- CVE-2021/CVE-2021-327xx/CVE-2021-32791.json | 6 +- CVE-2021/CVE-2021-327xx/CVE-2021-32792.json | 6 +- CVE-2021/CVE-2021-391xx/CVE-2021-39191.json | 6 +- CVE-2022/CVE-2022-235xx/CVE-2022-23527.json | 6 +- CVE-2023/CVE-2023-09xx/CVE-2023-0950.json | 32 +++++++ CVE-2023/CVE-2023-19xx/CVE-2023-1996.json | 58 +++++++++++- CVE-2023/CVE-2023-223xx/CVE-2023-22318.json | 58 +++++++++++- CVE-2023/CVE-2023-22xx/CVE-2023-2255.json | 32 +++++++ CVE-2023/CVE-2023-254xx/CVE-2023-25439.json | 20 +++++ CVE-2023/CVE-2023-27xx/CVE-2023-2714.json | 72 +++++++++++++-- CVE-2023/CVE-2023-27xx/CVE-2023-2738.json | 59 +++++++++++-- CVE-2023/CVE-2023-281xx/CVE-2023-28131.json | 8 +- CVE-2023/CVE-2023-286xx/CVE-2023-28625.json | 18 ++-- CVE-2023/CVE-2023-28xx/CVE-2023-2814.json | 61 +++++++++++-- CVE-2023/CVE-2023-28xx/CVE-2023-2815.json | 60 +++++++++++-- CVE-2023/CVE-2023-29xx/CVE-2023-2900.json | 88 +++++++++++++++++++ CVE-2023/CVE-2023-332xx/CVE-2023-33263.json | 20 +++++ CVE-2023/CVE-2023-332xx/CVE-2023-33278.json | 24 +++++ CVE-2023/CVE-2023-332xx/CVE-2023-33279.json | 20 +++++ CVE-2023/CVE-2023-332xx/CVE-2023-33280.json | 24 +++++ README.md | 68 +++++++------- 30 files changed, 692 insertions(+), 108 deletions(-) create mode 100644 CVE-2023/CVE-2023-09xx/CVE-2023-0950.json create mode 100644 CVE-2023/CVE-2023-22xx/CVE-2023-2255.json create mode 100644 CVE-2023/CVE-2023-254xx/CVE-2023-25439.json create mode 100644 CVE-2023/CVE-2023-29xx/CVE-2023-2900.json create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33263.json create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33278.json create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33279.json create mode 100644 CVE-2023/CVE-2023-332xx/CVE-2023-33280.json diff --git a/CVE-2017/CVE-2017-60xx/CVE-2017-6059.json b/CVE-2017/CVE-2017-60xx/CVE-2017-6059.json index dad10fd3c06..a172ccd5fcd 100644 --- a/CVE-2017/CVE-2017-60xx/CVE-2017-6059.json +++ b/CVE-2017/CVE-2017-60xx/CVE-2017-6059.json @@ -2,7 +2,7 @@ "id": "CVE-2017-6059", "sourceIdentifier": "cve@mitre.org", "published": "2017-04-12T20:59:00.763", - "lastModified": "2020-06-16T15:23:14.893", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.1.4", - "matchCriteriaId": "C7E80D3A-01C2-4ED6-B1B2-E6E0357A06D3" + "matchCriteriaId": "1296F955-6E42-43B5-846A-E8AAA7348301" } ] } diff --git a/CVE-2017/CVE-2017-60xx/CVE-2017-6062.json b/CVE-2017/CVE-2017-60xx/CVE-2017-6062.json index aa2e398d21c..524e0fb8859 100644 --- a/CVE-2017/CVE-2017-60xx/CVE-2017-6062.json +++ b/CVE-2017/CVE-2017-60xx/CVE-2017-6062.json @@ -2,7 +2,7 @@ "id": "CVE-2017-6062", "sourceIdentifier": "cve@mitre.org", "published": "2017-03-02T06:59:00.230", - "lastModified": "2019-10-25T19:15:10.467", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:pingidentity:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.1.4", - "matchCriteriaId": "98B3D637-5918-4E31-8E2F-21C1BBE5E8EA" + "matchCriteriaId": "43366310-2BC3-4C85-8CF8-85E2AA63C95D" } ] } diff --git a/CVE-2017/CVE-2017-64xx/CVE-2017-6413.json b/CVE-2017/CVE-2017-64xx/CVE-2017-6413.json index 85a195dcddb..e4ae58e77c7 100644 --- a/CVE-2017/CVE-2017-64xx/CVE-2017-6413.json +++ b/CVE-2017/CVE-2017-64xx/CVE-2017-6413.json @@ -2,7 +2,7 @@ "id": "CVE-2017-6413", "sourceIdentifier": "cve@mitre.org", "published": "2017-03-02T06:59:01.217", - "lastModified": "2017-03-07T02:59:03.720", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:pingidentity:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndIncluding": "2.1.5", - "matchCriteriaId": "2031EC3C-E494-4EFF-BDE0-D4601798728F" + "matchCriteriaId": "0658E71C-DBA4-445D-A78B-51CC87B4F876" } ] } diff --git a/CVE-2019/CVE-2019-10102xx/CVE-2019-1010247.json b/CVE-2019/CVE-2019-10102xx/CVE-2019-1010247.json index 35a1632342d..d42f01c84ab 100644 --- a/CVE-2019/CVE-2019-10102xx/CVE-2019-1010247.json +++ b/CVE-2019/CVE-2019-10102xx/CVE-2019-1010247.json @@ -2,7 +2,7 @@ "id": "CVE-2019-1010247", "sourceIdentifier": "josh@bress.net", "published": "2019-07-19T15:15:12.063", - "lastModified": "2020-07-30T00:15:11.890", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.3.10.2", - "matchCriteriaId": "A303072E-B691-4DD8-9431-FA3EBE603886" + "matchCriteriaId": "2EC27208-2C72-4228-BFD4-9BFCBA66A9A8" } ] } diff --git a/CVE-2019/CVE-2019-148xx/CVE-2019-14857.json b/CVE-2019/CVE-2019-148xx/CVE-2019-14857.json index 141e5ebd5bd..0a8cd592a60 100644 --- a/CVE-2019/CVE-2019-148xx/CVE-2019-14857.json +++ b/CVE-2019/CVE-2019-148xx/CVE-2019-14857.json @@ -2,7 +2,7 @@ "id": "CVE-2019-14857", "sourceIdentifier": "secalert@redhat.com", "published": "2019-11-26T12:15:10.807", - "lastModified": "2020-07-30T00:15:12.060", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -116,9 +116,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:mod_auth_openidc_project:mod_auth_openidc:*:*:*:*:*:apache:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.0.1", - "matchCriteriaId": "E5DE9A80-E876-4CA0-889A-F0C1E7E20F89" + "matchCriteriaId": "FA1328CD-1DA2-487A-9844-6661EA2BC4AD" } ] } diff --git a/CVE-2019/CVE-2019-204xx/CVE-2019-20479.json b/CVE-2019/CVE-2019-204xx/CVE-2019-20479.json index 906617ddd18..9eb85ff4db2 100644 --- a/CVE-2019/CVE-2019-204xx/CVE-2019-20479.json +++ b/CVE-2019/CVE-2019-204xx/CVE-2019-20479.json @@ -2,7 +2,7 @@ "id": "CVE-2019-20479", "sourceIdentifier": "cve@mitre.org", "published": "2020-02-20T06:15:11.027", - "lastModified": "2023-04-30T23:15:44.793", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.1", - "matchCriteriaId": "340B3FF8-09B5-4A91-8565-71B743562BA4" + "matchCriteriaId": "F486B27B-8085-4A55-9FFC-4AB9A349D445" } ] } diff --git a/CVE-2021/CVE-2021-207xx/CVE-2021-20718.json b/CVE-2021/CVE-2021-207xx/CVE-2021-20718.json index 2626ffa5ab1..f07bee437bd 100644 --- a/CVE-2021/CVE-2021-207xx/CVE-2021-20718.json +++ b/CVE-2021/CVE-2021-207xx/CVE-2021-20718.json @@ -2,7 +2,7 @@ "id": "CVE-2021-20718", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2021-05-20T02:15:07.117", - "lastModified": "2022-02-21T04:59:17.280", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,10 +84,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.4.0", "versionEndIncluding": "2.4.7", - "matchCriteriaId": "0040DA01-F32A-4514-8BE1-4CCBD4CD461F" + "matchCriteriaId": "4250F5B0-2168-4F55-869C-C45EAEFC0380" } ] } diff --git a/CVE-2021/CVE-2021-327xx/CVE-2021-32785.json b/CVE-2021/CVE-2021-327xx/CVE-2021-32785.json index 467bc7d20b4..89bf33d1470 100644 --- a/CVE-2021/CVE-2021-327xx/CVE-2021-32785.json +++ b/CVE-2021/CVE-2021-327xx/CVE-2021-32785.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32785", "sourceIdentifier": "security-advisories@github.com", "published": "2021-07-22T22:15:08.140", - "lastModified": "2023-04-30T23:15:45.297", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -115,9 +115,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.9", - "matchCriteriaId": "C5E7F723-10A1-40C1-A7B7-839BDEC4AD67" + "matchCriteriaId": "FAEFDBA2-55AD-410B-95C4-D2524C65B4A8" } ] }, diff --git a/CVE-2021/CVE-2021-327xx/CVE-2021-32786.json b/CVE-2021/CVE-2021-327xx/CVE-2021-32786.json index 1eb6df85fbb..578b436b36c 100644 --- a/CVE-2021/CVE-2021-327xx/CVE-2021-32786.json +++ b/CVE-2021/CVE-2021-327xx/CVE-2021-32786.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32786", "sourceIdentifier": "security-advisories@github.com", "published": "2021-07-22T22:15:08.233", - "lastModified": "2023-04-30T23:15:45.397", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -115,9 +115,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.9", - "matchCriteriaId": "C5E7F723-10A1-40C1-A7B7-839BDEC4AD67" + "matchCriteriaId": "FAEFDBA2-55AD-410B-95C4-D2524C65B4A8" } ] }, diff --git a/CVE-2021/CVE-2021-327xx/CVE-2021-32791.json b/CVE-2021/CVE-2021-327xx/CVE-2021-32791.json index b168900c042..a25b131fa2c 100644 --- a/CVE-2021/CVE-2021-327xx/CVE-2021-32791.json +++ b/CVE-2021/CVE-2021-327xx/CVE-2021-32791.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32791", "sourceIdentifier": "security-advisories@github.com", "published": "2021-07-26T17:15:08.100", - "lastModified": "2023-04-30T23:15:45.497", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -119,9 +119,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.9", - "matchCriteriaId": "C5E7F723-10A1-40C1-A7B7-839BDEC4AD67" + "matchCriteriaId": "FAEFDBA2-55AD-410B-95C4-D2524C65B4A8" } ] }, diff --git a/CVE-2021/CVE-2021-327xx/CVE-2021-32792.json b/CVE-2021/CVE-2021-327xx/CVE-2021-32792.json index b848a052ec4..b17ccb6e192 100644 --- a/CVE-2021/CVE-2021-327xx/CVE-2021-32792.json +++ b/CVE-2021/CVE-2021-327xx/CVE-2021-32792.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32792", "sourceIdentifier": "security-advisories@github.com", "published": "2021-07-26T17:15:08.280", - "lastModified": "2023-04-30T23:15:45.597", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Modified", "descriptions": [ { @@ -115,9 +115,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.9", - "matchCriteriaId": "C5E7F723-10A1-40C1-A7B7-839BDEC4AD67" + "matchCriteriaId": "FAEFDBA2-55AD-410B-95C4-D2524C65B4A8" } ] }, diff --git a/CVE-2021/CVE-2021-391xx/CVE-2021-39191.json b/CVE-2021/CVE-2021-391xx/CVE-2021-39191.json index ca7c2d6d5f2..ed0e98cf352 100644 --- a/CVE-2021/CVE-2021-391xx/CVE-2021-39191.json +++ b/CVE-2021/CVE-2021-391xx/CVE-2021-39191.json @@ -2,7 +2,7 @@ "id": "CVE-2021-39191", "sourceIdentifier": "security-advisories@github.com", "published": "2021-09-03T14:15:07.210", - "lastModified": "2022-09-10T02:46:08.680", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Analyzed", "descriptions": [ { @@ -114,9 +114,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.9.4", - "matchCriteriaId": "1CF30752-E6C9-4658-98A5-25D40B44881B" + "matchCriteriaId": "93E4D476-0087-4EBC-82E8-6B233FCC291A" } ] } diff --git a/CVE-2022/CVE-2022-235xx/CVE-2022-23527.json b/CVE-2022/CVE-2022-235xx/CVE-2022-23527.json index 06402ec57ea..60e5917a48c 100644 --- a/CVE-2022/CVE-2022-235xx/CVE-2022-23527.json +++ b/CVE-2022/CVE-2022-235xx/CVE-2022-23527.json @@ -2,7 +2,7 @@ "id": "CVE-2022-23527", "sourceIdentifier": "security-advisories@github.com", "published": "2022-12-14T18:15:20.850", - "lastModified": "2022-12-16T20:50:44.487", + "lastModified": "2023-05-25T20:18:46.990", "vulnStatus": "Analyzed", "descriptions": [ { @@ -75,9 +75,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:zmartzone:mod_auth_openidc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.4.12.2", - "matchCriteriaId": "034AF8AC-5906-4CFD-9EC4-08A939123FF6" + "matchCriteriaId": "2154DC4B-791C-45E2-BC99-EB188F6AC62E" } ] } diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0950.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0950.json new file mode 100644 index 00000000000..5107f4b2086 --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0950.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-0950", + "sourceIdentifier": "security@documentfoundation.org", + "published": "2023-05-25T20:15:09.207", + "lastModified": "2023-05-25T20:15:09.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet formulas, such as AGGREGATE, could be created with less parameters passed to the formula interpreter than it expected, leading to an array index underflow, in which case there is a risk that arbitrary code could be executed. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.6; 7.5 versions prior to 7.5.1." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@documentfoundation.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "references": [ + { + "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950", + "source": "security@documentfoundation.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1996.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1996.json index c8c476b926b..1030b6118d6 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1996.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1996.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1996", "sourceIdentifier": "3DS.Information-Security@3ds.com", "published": "2023-05-19T17:15:09.097", - "lastModified": "2023-05-19T17:53:19.810", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-25T20:19:40.510", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "3DS.Information-Security@3ds.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "3DS.Information-Security@3ds.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:3ds:3dexperience:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r2018x", + "versionEndIncluding": "r2023x", + "matchCriteriaId": "C52DD94A-7AF6-443B-A1C8-6346427DF8E7" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.3ds.com/vulnerability/advisories", - "source": "3DS.Information-Security@3ds.com" + "source": "3DS.Information-Security@3ds.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-223xx/CVE-2023-22318.json b/CVE-2023/CVE-2023-223xx/CVE-2023-22318.json index f7528a32414..115fb9e58ca 100644 --- a/CVE-2023/CVE-2023-223xx/CVE-2023-22318.json +++ b/CVE-2023/CVE-2023-223xx/CVE-2023-22318.json @@ -2,8 +2,8 @@ "id": "CVE-2023-22318", "sourceIdentifier": "security@checkmk.com", "published": "2023-05-15T09:15:09.893", - "lastModified": "2023-05-15T12:54:34.183", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-25T20:35:23.567", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-667" + } + ] + }, { "source": "security@checkmk.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tribe29:checkmk_appliance_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.6.5", + "matchCriteriaId": "6960B95E-C7FD-4908-B5AD-6944A05A8328" + } + ] + } + ] + } + ], "references": [ { "url": "https://checkmk.com/werk/9526", - "source": "security@checkmk.com" + "source": "security@checkmk.com", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2255.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2255.json new file mode 100644 index 00000000000..4b9e0076820 --- /dev/null +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2255.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-2255", + "sourceIdentifier": "security@documentfoundation.org", + "published": "2023-05-25T20:15:09.350", + "lastModified": "2023-05-25T20:15:09.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would cause external links to be loaded without prompt. In the affected versions of LibreOffice documents that used \"floating frames\" linked to external files, would load the contents of those frames without prompting the user for permission to do so. This was inconsistent with the treatment of other linked content in LibreOffice. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.7; 7.5 versions prior to 7.5.3." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@documentfoundation.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-264" + } + ] + } + ], + "references": [ + { + "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-2255", + "source": "security@documentfoundation.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json b/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json new file mode 100644 index 00000000000..143326945da --- /dev/null +++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25439.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-25439", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-25T20:15:09.280", + "lastModified": "2023-05-25T20:15:09.280", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stored Cross Site Scripting (XSS) vulnerability in Square Pig FusionInvoice 2023-1.0, allows attackers to execute arbitrary code via the description or content fields to the expenses, tasks, and customer details." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://packetstormsecurity.com/files/172556/FusionInvoice-2023-1.0-Cross-Site-Scripting.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2714.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2714.json index 287834a5605..07e061a12d5 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2714.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2714.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2714", "sourceIdentifier": "security@wordfence.com", "published": "2023-05-20T03:15:08.987", - "lastModified": "2023-05-20T11:31:57.830", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-25T20:17:39.390", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,22 +76,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:groundhogg:groundhogg:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.7.9.8", + "matchCriteriaId": "9D835091-F60A-4908-8EAB-2095713459C8" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/2.7.9.8/admin/guided-setup/guided-setup.php#L111", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/groundhogg/tags/2.7.9.8/admin/help/help-page.php#L41", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2914493/groundhogg/tags/2.7.10/admin/help/help-page.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/29700844-b41d-4f10-90a7-06c8574d8d2a?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2738.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2738.json index e0ef22db967..3d523ad81ff 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2738.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2738.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2738", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-16T15:15:09.110", - "lastModified": "2023-05-16T20:04:03.627", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-25T20:44:53.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tongda2000:tongda_oa:11.10:*:*:*:*:*:*:*", + "matchCriteriaId": "8F52BB0F-F178-4DFE-AE9E-6C91D2137799" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/RCEraser/cve/blob/main/tongda.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.229149", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.229149", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28131.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28131.json index aae75c14461..0808a741ecc 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28131.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28131.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28131", "sourceIdentifier": "cve@checkpoint.com", "published": "2023-04-24T05:15:08.653", - "lastModified": "2023-05-02T18:15:27.097", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-25T21:15:09.067", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -73,6 +73,10 @@ "Mitigation", "Third Party Advisory" ] + }, + { + "url": "https://www.darkreading.com/endpoint/oauth-flaw-in-expo-platform-affects-hundreds-of-third-party-sites-apps", + "source": "cve@checkpoint.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28625.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28625.json index 135b9d8c784..b1fbf3be471 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28625.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28625.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28625", "sourceIdentifier": "security-advisories@github.com", "published": "2023-04-03T14:15:07.507", - "lastModified": "2023-05-18T21:15:09.577", - "vulnStatus": "Modified", + "lastModified": "2023-05-25T20:13:55.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -75,10 +75,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:openidc:mod_auth_openidc:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.0.0", "versionEndExcluding": "2.4.13.2", - "matchCriteriaId": "C4F27124-9404-45D5-9AA9-E28AF03CDFCB" + "matchCriteriaId": "F0E563D6-BFEA-48EF-ACFA-D746A2E78902" } ] } @@ -116,11 +116,17 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00034.html", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5405", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2814.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2814.json index 9bb9b0ca2ca..c2a0f711de7 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2814.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2814.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2814", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-19T17:15:09.163", - "lastModified": "2023-05-19T17:53:19.810", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-25T20:28:55.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:class_scheduling_system_project:class_scheduling_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A567B85F-2CCB-422D-8553-F23E0D4ACE77" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jiy2020/bugReport/blob/main/XSS.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.229428", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.229428", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2815.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2815.json index 6443e64c703..4a445099068 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2815.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2815.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2815", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-19T17:15:09.233", - "lastModified": "2023-05-19T17:53:19.810", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-25T20:27:52.170", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_jewelry_store_project:online_jewelry_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A5F1D024-AE7D-4478-959A-38DA73870B6C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/raozhir/CVERequest/blob/main/SQL.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.229429", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.229429", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2900.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2900.json new file mode 100644 index 00000000000..b96a4ec7077 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2900.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-2900", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-25T21:15:09.157", + "lastModified": "2023-05-25T21:15:09.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in NFine Rapid Development Platform 20230511. It has been classified as problematic. Affected is an unknown function of the file /Login/CheckLogin. The manipulation leads to use of weak hash. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-229974 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "HIGH", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.6 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 4.9, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-328" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/NFine-Rapid-development-platform-has-weak-password-vulnerability.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.229974", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.229974", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json new file mode 100644 index 00000000000..688c20e7884 --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33263.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33263", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-25T20:15:09.447", + "lastModified": "2023-05-25T20:15:09.447", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In WFTPD 3.25, usernames and password hashes are stored in an openly viewable wftpd.ini configuration file within the WFTPD directory. NOTE: this is a product from 2006." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://packetstormsecurity.com/files/172560/WFTPD-3.25-Credential-Disclosure.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json new file mode 100644 index 00000000000..a0194f15b14 --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33278.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33278", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-25T20:15:09.500", + "lastModified": "2023-05-25T20:15:09.500", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Store Commander scexportcustomers module for PrestaShop through 3.6.1, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/25/scexportcustomers.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.storecommander.com/en/addons/480-customer-export-pro.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json new file mode 100644 index 00000000000..a9bae297355 --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33279.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33279", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-25T20:15:09.570", + "lastModified": "2023-05-25T20:15:09.570", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Store Commander scfixmyprestashop module through 2023-05-09 for PrestaShop, sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/25/scfixmyprestashop.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json new file mode 100644 index 00000000000..a441195a1d8 --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33280.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33280", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-25T20:15:09.633", + "lastModified": "2023-05-25T20:15:09.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In the Store Commander scquickaccounting module for PrestaShop through 3.7.3, multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/25/scquickaccounting.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.storecommander.com/en/addons/440-order-export-pro.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index beb73990f16..da99beda711 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-25T20:00:27.034251+00:00 +2023-05-25T22:00:25.809465+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-25T19:58:53.130000+00:00 +2023-05-25T21:15:09.157000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -216036 +216044 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `8` -* [CVE-2023-30615](CVE-2023/CVE-2023-306xx/CVE-2023-30615.json) (`2023-05-25T18:15:10.150`) -* [CVE-2023-30851](CVE-2023/CVE-2023-308xx/CVE-2023-30851.json) (`2023-05-25T18:15:10.240`) -* [CVE-2023-26215](CVE-2023/CVE-2023-262xx/CVE-2023-26215.json) (`2023-05-25T19:15:14.067`) -* [CVE-2023-26216](CVE-2023/CVE-2023-262xx/CVE-2023-26216.json) (`2023-05-25T19:15:14.157`) +* [CVE-2023-0950](CVE-2023/CVE-2023-09xx/CVE-2023-0950.json) (`2023-05-25T20:15:09.207`) +* [CVE-2023-25439](CVE-2023/CVE-2023-254xx/CVE-2023-25439.json) (`2023-05-25T20:15:09.280`) +* [CVE-2023-2255](CVE-2023/CVE-2023-22xx/CVE-2023-2255.json) (`2023-05-25T20:15:09.350`) +* [CVE-2023-33263](CVE-2023/CVE-2023-332xx/CVE-2023-33263.json) (`2023-05-25T20:15:09.447`) +* [CVE-2023-33278](CVE-2023/CVE-2023-332xx/CVE-2023-33278.json) (`2023-05-25T20:15:09.500`) +* [CVE-2023-33279](CVE-2023/CVE-2023-332xx/CVE-2023-33279.json) (`2023-05-25T20:15:09.570`) +* [CVE-2023-33280](CVE-2023/CVE-2023-332xx/CVE-2023-33280.json) (`2023-05-25T20:15:09.633`) +* [CVE-2023-2900](CVE-2023/CVE-2023-29xx/CVE-2023-2900.json) (`2023-05-25T21:15:09.157`) ### CVEs modified in the last Commit -Recently modified CVEs: `42` +Recently modified CVEs: `21` -* [CVE-2023-33007](CVE-2023/CVE-2023-330xx/CVE-2023-33007.json) (`2023-05-25T18:31:46.840`) -* [CVE-2023-31848](CVE-2023/CVE-2023-318xx/CVE-2023-31848.json) (`2023-05-25T18:35:18.770`) -* [CVE-2023-33005](CVE-2023/CVE-2023-330xx/CVE-2023-33005.json) (`2023-05-25T18:36:26.150`) -* [CVE-2023-33004](CVE-2023/CVE-2023-330xx/CVE-2023-33004.json) (`2023-05-25T18:38:08.453`) -* [CVE-2023-33003](CVE-2023/CVE-2023-330xx/CVE-2023-33003.json) (`2023-05-25T18:39:16.610`) -* [CVE-2023-30452](CVE-2023/CVE-2023-304xx/CVE-2023-30452.json) (`2023-05-25T18:39:40.763`) -* [CVE-2023-33001](CVE-2023/CVE-2023-330xx/CVE-2023-33001.json) (`2023-05-25T18:40:09.813`) -* [CVE-2023-33002](CVE-2023/CVE-2023-330xx/CVE-2023-33002.json) (`2023-05-25T18:42:48.737`) -* [CVE-2023-2740](CVE-2023/CVE-2023-27xx/CVE-2023-2740.json) (`2023-05-25T18:47:27.377`) -* [CVE-2023-31847](CVE-2023/CVE-2023-318xx/CVE-2023-31847.json) (`2023-05-25T18:48:49.640`) -* [CVE-2023-31723](CVE-2023/CVE-2023-317xx/CVE-2023-31723.json) (`2023-05-25T18:49:37.260`) -* [CVE-2023-28076](CVE-2023/CVE-2023-280xx/CVE-2023-28076.json) (`2023-05-25T18:55:37.740`) -* [CVE-2023-31856](CVE-2023/CVE-2023-318xx/CVE-2023-31856.json) (`2023-05-25T18:59:36.043`) -* [CVE-2023-2608](CVE-2023/CVE-2023-26xx/CVE-2023-2608.json) (`2023-05-25T19:00:33.237`) -* [CVE-2023-31700](CVE-2023/CVE-2023-317xx/CVE-2023-31700.json) (`2023-05-25T19:03:55.963`) -* [CVE-2023-2706](CVE-2023/CVE-2023-27xx/CVE-2023-2706.json) (`2023-05-25T19:08:24.450`) -* [CVE-2023-2756](CVE-2023/CVE-2023-27xx/CVE-2023-2756.json) (`2023-05-25T19:15:29.773`) -* [CVE-2023-30438](CVE-2023/CVE-2023-304xx/CVE-2023-30438.json) (`2023-05-25T19:35:10.970`) -* [CVE-2023-2679](CVE-2023/CVE-2023-26xx/CVE-2023-2679.json) (`2023-05-25T19:38:25.710`) -* [CVE-2023-31678](CVE-2023/CVE-2023-316xx/CVE-2023-31678.json) (`2023-05-25T19:52:37.863`) -* [CVE-2023-2736](CVE-2023/CVE-2023-27xx/CVE-2023-2736.json) (`2023-05-25T19:55:33.193`) -* [CVE-2023-2735](CVE-2023/CVE-2023-27xx/CVE-2023-2735.json) (`2023-05-25T19:55:58.053`) -* [CVE-2023-2717](CVE-2023/CVE-2023-27xx/CVE-2023-2717.json) (`2023-05-25T19:56:30.103`) -* [CVE-2023-2716](CVE-2023/CVE-2023-27xx/CVE-2023-2716.json) (`2023-05-25T19:57:34.880`) -* [CVE-2023-2715](CVE-2023/CVE-2023-27xx/CVE-2023-2715.json) (`2023-05-25T19:58:53.130`) +* [CVE-2017-6062](CVE-2017/CVE-2017-60xx/CVE-2017-6062.json) (`2023-05-25T20:18:46.990`) +* [CVE-2017-6413](CVE-2017/CVE-2017-64xx/CVE-2017-6413.json) (`2023-05-25T20:18:46.990`) +* [CVE-2017-6059](CVE-2017/CVE-2017-60xx/CVE-2017-6059.json) (`2023-05-25T20:18:46.990`) +* [CVE-2019-1010247](CVE-2019/CVE-2019-10102xx/CVE-2019-1010247.json) (`2023-05-25T20:18:46.990`) +* [CVE-2019-14857](CVE-2019/CVE-2019-148xx/CVE-2019-14857.json) (`2023-05-25T20:18:46.990`) +* [CVE-2019-20479](CVE-2019/CVE-2019-204xx/CVE-2019-20479.json) (`2023-05-25T20:18:46.990`) +* [CVE-2021-20718](CVE-2021/CVE-2021-207xx/CVE-2021-20718.json) (`2023-05-25T20:18:46.990`) +* [CVE-2021-32785](CVE-2021/CVE-2021-327xx/CVE-2021-32785.json) (`2023-05-25T20:18:46.990`) +* [CVE-2021-32786](CVE-2021/CVE-2021-327xx/CVE-2021-32786.json) (`2023-05-25T20:18:46.990`) +* [CVE-2021-32791](CVE-2021/CVE-2021-327xx/CVE-2021-32791.json) (`2023-05-25T20:18:46.990`) +* [CVE-2021-32792](CVE-2021/CVE-2021-327xx/CVE-2021-32792.json) (`2023-05-25T20:18:46.990`) +* [CVE-2021-39191](CVE-2021/CVE-2021-391xx/CVE-2021-39191.json) (`2023-05-25T20:18:46.990`) +* [CVE-2022-23527](CVE-2022/CVE-2022-235xx/CVE-2022-23527.json) (`2023-05-25T20:18:46.990`) +* [CVE-2023-28625](CVE-2023/CVE-2023-286xx/CVE-2023-28625.json) (`2023-05-25T20:13:55.667`) +* [CVE-2023-2714](CVE-2023/CVE-2023-27xx/CVE-2023-2714.json) (`2023-05-25T20:17:39.390`) +* [CVE-2023-1996](CVE-2023/CVE-2023-19xx/CVE-2023-1996.json) (`2023-05-25T20:19:40.510`) +* [CVE-2023-2815](CVE-2023/CVE-2023-28xx/CVE-2023-2815.json) (`2023-05-25T20:27:52.170`) +* [CVE-2023-2814](CVE-2023/CVE-2023-28xx/CVE-2023-2814.json) (`2023-05-25T20:28:55.147`) +* [CVE-2023-22318](CVE-2023/CVE-2023-223xx/CVE-2023-22318.json) (`2023-05-25T20:35:23.567`) +* [CVE-2023-2738](CVE-2023/CVE-2023-27xx/CVE-2023-2738.json) (`2023-05-25T20:44:53.893`) +* [CVE-2023-28131](CVE-2023/CVE-2023-281xx/CVE-2023-28131.json) (`2023-05-25T21:15:09.067`) ## Download and Usage