admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-22T22:00:26.468317+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-22 22:00:29 +00:00
parent a27a1dfaab
commit 0179933cc2
53 changed files with 3858 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CVE-2022/CVE-2022-458xx/CVE-2022-45827.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45827",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-12T13:15:09.667",
"lastModified": "2023-06-16T03:53:03.067",
"lastModified": "2023-06-22T20:43:44.137",
"vulnStatus": "Analyzed",
"descriptions": [
{

14
CVE-2022/CVE-2022-479xx/CVE-2022-47967.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47967",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-01-10T12:15:23.900",
"lastModified": "2023-01-17T16:19:20.573",
"lastModified": "2023-06-22T20:40:33.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-479xx/CVE-2022-47977.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47977",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-02-14T11:15:14.577",
"lastModified": "2023-02-22T16:12:18.060",
"lastModified": "2023-06-22T20:43:27.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-48xx/CVE-2022-4808.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4808",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-12-28T14:15:11.147",
"lastModified": "2023-01-05T23:48:48.980",
"lastModified": "2023-06-22T20:49:15.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -58,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-49xx/CVE-2022-4904.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4904",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-06T23:15:11.390",
"lastModified": "2023-05-22T15:43:21.697",
"lastModified": "2023-06-22T20:54:49.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-1284"
}
]
},

68
CVE-2023/CVE-2023-210xx/CVE-2023-21095.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-21095",
"sourceIdentifier": "security@android.com",
"published": "2023-06-15T19:15:09.293",
"lastModified": "2023-06-15T20:46:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:58:35.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-242704576"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-211xx/CVE-2023-21115.json
View File

@ -2,19 +2,84 @@
"id": "CVE-2023-21115",
"sourceIdentifier": "security@android.com",
"published": "2023-06-15T19:15:09.467",
"lastModified": "2023-06-15T20:46:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:53:57.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In btm_sec_encrypt_change of btm_sec.cc, there is a possible way to downgrade the link key type due to improperly used crypto. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-258834033"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-06-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

603
CVE-2023/CVE-2023-248xx/CVE-2023-24897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24897",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T15:15:09.503",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:00:44.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,607 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*",
"matchCriteriaId": "62FE95C2-066B-491D-82BF-3EF173822B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update5:*:*:*:*:*:*",
"matchCriteriaId": "647EBBAA-C731-4954-A62C-2B1AAFB1061C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndIncluding": "15.8",
"matchCriteriaId": "754856ED-0708-4505-B3CC-C3CF1818DD59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.9",
"versionEndExcluding": "15.9.55",
"matchCriteriaId": "979A6A3D-64F8-4099-A00D-16F5BAC2BD79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndIncluding": "16.10",
"matchCriteriaId": "26472C42-CDB4-4176-B10B-3BF26F5030E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.11",
"versionEndExcluding": "16.11.27",
"matchCriteriaId": "DFF8A760-E6E1-483D-A955-102A8D82B62C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.0.22",
"matchCriteriaId": "2B1F98BC-0D82-4AEB-9E1E-D67325E99385"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.2",
"versionEndExcluding": "17.2.16",
"matchCriteriaId": "B6B0B496-BC41-4F9D-9A28-AE7664B5C77D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.4",
"versionEndExcluding": "17.4.8",
"matchCriteriaId": "BC861E65-1682-4E99-8A7B-F4A31DDC0198"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6",
"versionEndExcluding": "17.6.3",
"matchCriteriaId": "51DB90D6-C1C4-43B9-8B37-696CB361F37F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-265xx/CVE-2023-26527.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26527",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-16T12:15:09.263",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:23:48.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpindeed:debug_assistant:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4",
"matchCriteriaId": "40A8779A-417B-4009-8CFC-ECF71EC2FF87"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/debug-assistant/wordpress-debug-assistant-plugin-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Exploit"
]
}
]
}

47
CVE-2023/CVE-2023-265xx/CVE-2023-26537.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26537",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-16T12:15:09.323",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:40:29.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_no_external_links_project:wp_no_external_links:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2",
"matchCriteriaId": "FA2AFEB5-052A-4239-872E-C424EC0C9AFA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/no-external-links/wordpress-wp-no-external-links-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-26xx/CVE-2023-2611.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2611",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-06-22T17:15:44.667",
"lastModified": "2023-06-22T17:15:44.667",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2023/CVE-2023-270xx/CVE-2023-27083.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-27083",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.213",
"lastModified": "2023-06-22T20:15:09.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev5 allows remote attackers to run arbitrary code via manage file functionality."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@syed.pentester/authenticated-remote-code-execution-rce-on-pluckcms-4-7-15-c309ac1bd145",
"source": "cve@mitre.org"
}
]
}

70
CVE-2023/CVE-2023-27xx/CVE-2023-2783.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2783",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T09:15:09.720",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:15:46.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-280xx/CVE-2023-28094.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28094",
"sourceIdentifier": "security@pega.com",
"published": "2023-06-22T21:15:09.163",
"lastModified": "2023-06-22T21:15:09.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Pega platform clients who are using versions 6.1 through 8.8.3 and have upgraded from a version prior to 8.x may be utilizing default credentials."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@pega.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@pega.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1393"
}
]
}
],
"references": [
{
"url": "https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operators?",
"source": "security@pega.com"
}
]
}

75
CVE-2023/CVE-2023-287xx/CVE-2023-28799.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2023-28799",
"sourceIdentifier": "cve@zscaler.com",
"published": "2023-06-22T20:15:09.283",
"lastModified": "2023-06-22T20:15:09.283",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@zscaler.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "cve@zscaler.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.4&deployment_date=2022-10-31&id=1420246",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Android&applicable_version=1.10.2&deployment_date=2023-03-09&id=1447706",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Chrome%20OS&applicable_version=1.10.1&deployment_date=2023-03-10&id=1447771",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=iOS&applicable_version=1.9.3&deployment_date=2023-03-03&id=1447071",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macOS&applicable_version=3.9&deployment_date=2023-01-25&id=1443546",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=Windows&applicable_version=3.7&deployment_date=2021-11-26&id=1386541",
"source": "cve@zscaler.com"
}
]
}

75
CVE-2023/CVE-2023-288xx/CVE-2023-28800.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2023-28800",
"sourceIdentifier": "cve@zscaler.com",
"published": "2023-06-22T20:15:09.373",
"lastModified": "2023-06-22T20:15:09.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@zscaler.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "cve@zscaler.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.4&deployment_date=2022-10-31&id=1420246",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Android&applicable_version=1.10.2&deployment_date=2023-03-09&id=1447706",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Chrome%20OS&applicable_version=1.10.1&deployment_date=2023-03-10&id=1447771",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=iOS&applicable_version=1.9.3&deployment_date=2023-03-03&id=1447071",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macOS&applicable_version=3.9&deployment_date=2023-01-25&id=1443546",
"source": "cve@zscaler.com"
},
{
"url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=Windows&applicable_version=3.7&deployment_date=2021-11-26&id=1386541",
"source": "cve@zscaler.com"
}
]
}

482
CVE-2023/CVE-2023-293xx/CVE-2023-29326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29326",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T15:15:09.693",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:09:01.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,486 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29326",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

649
CVE-2023/CVE-2023-293xx/CVE-2023-29331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29331",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T15:15:09.763",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:10:36.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,653 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:6.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "1DE0C8DD-9C73-4876-8193-068F18074B58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E2C6C0-FD91-40D9-B1A4-C1C348A156C7"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-293xx/CVE-2023-29337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29337",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T15:15:09.827",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:22:17.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,68 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:nuget:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9BDD588-7768-4C54-A6DF-CD609DED3AD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:nuget:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2B1781D3-91A4-49C6-9158-CE192BCBE60D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:nuget:6.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "69EB32C0-72E4-44AB-9EDD-892727104C0D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:nuget:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C58CD137-42A0-41FF-BCD5-D3F2FB3F4E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:nuget:6.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "179DB312-53E3-4AAE-8337-52D76D58308C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:nuget:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20F77290-FBBE-46EA-8809-5BF97F45367E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-29xx/CVE-2023-2989.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-2989",
"sourceIdentifier": "cve@rapid7.con",
"published": "2023-06-22T20:15:09.453",
"lastModified": "2023-06-22T20:15:09.453",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Fortra Globalscape EFT versions before 8.1.0.16 suffer from an out of bounds memory read in their administration server, which can allow an attacker to crash the service or bypass authentication if successfully exploited\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "cve@rapid7.con",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://kb.globalscape.com/Knowledgebase/11586/Is-EFT-susceptible-to-the-Authentication-Bypass-via-Outofbounds-Memory-Read-vulnerability",
"source": "cve@rapid7.con"
},
{
"url": "https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/",
"source": "cve@rapid7.con"
}
]
}

36
CVE-2023/CVE-2023-29xx/CVE-2023-2990.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-2990",
"sourceIdentifier": "cve@rapid7.con",
"published": "2023-06-22T20:15:09.520",
"lastModified": "2023-06-22T20:15:09.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Fortra Globalscape EFT versions before 8.1.0.16 suffer from a denial of service vulnerability, where a compressed message that decompresses to itself can cause infinite recursion and crash the service\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "cve@rapid7.con",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://kb.globalscape.com/Knowledgebase/11588/Is-EFT-susceptible-to-the-Denial-of-service-via-recursive-Deflate-Stream-vulnerability",
"source": "cve@rapid7.con"
},
{
"url": "https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/",
"source": "cve@rapid7.con"
}
]
}

36
CVE-2023/CVE-2023-29xx/CVE-2023-2991.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-2991",
"sourceIdentifier": "cve@rapid7.con",
"published": "2023-06-22T20:15:09.580",
"lastModified": "2023-06-22T20:15:09.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Fortra Globalscape EFT's administration server suffers from an information disclosure vulnerability where the serial number of the harddrive that Globalscape is installed on can be remotely determined via a \"trial extension request\" message\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "cve@rapid7.con",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://kb.globalscape.com/Knowledgebase/11589/Is-EFT-susceptible-to-the-Remotely-obtain-HDD-serial-number-vulnerability",
"source": "cve@rapid7.con"
},
{
"url": "https://www.rapid7.com/blog/post/2023/06/22/multiple-vulnerabilities-in-fortra-globalscape-eft-administration-server-fixed/",
"source": "cve@rapid7.con"
}
]
}

69
CVE-2023/CVE-2023-301xx/CVE-2023-30179.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-30179",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.600",
"lastModified": "2023-06-13T18:27:48.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:04:10.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "CraftCMS version 3.7.59 is vulnerable to Server-Side Template Injection (SSTI). An authenticated attacker can inject Twig Template to User Photo Location field when setting User Photo Location in User Settings, lead to Remote Code Execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:craftcms:craft_cms:3.7.59:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3C0EB0-BC83-4827-A8FA-8C0F9A3FC159"
}
]
}
]
}
],
"references": [
{
"url": "https://datnlq.gitbook.io/cve/craft-cms/cve-2023-30179-server-side-template-injection",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/craftcms/cms/blob/develop/CHANGELOG.md#442---2023-03-14",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

20
CVE-2023/CVE-2023-303xx/CVE-2023-30347.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30347",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T21:15:09.240",
"lastModified": "2023-06-22T21:15:09.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Neox Contact Center 2.3.9, via the serach_sms_api_name parameter to the SMA API search."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/huzefa2212/CVE-2023-30347/blob/main/poc.txt",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-31xx/CVE-2023-3128.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3128",
"sourceIdentifier": "security@grafana.com",
"published": "2023-06-22T21:15:09.573",
"lastModified": "2023-06-22T21:15:09.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Grafana is validating Azure AD accounts based on the email claim. \n\nOn Azure AD, the profile email field is not unique and can be easily modified. \n\nThis leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@grafana.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 9.4,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security@grafana.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
}
],
"references": [
{
"url": "https://grafana.com/security/security-advisories/cve-2023-3128/",
"source": "security@grafana.com"
}
]
}

628
CVE-2023/CVE-2023-320xx/CVE-2023-32030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32030",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T15:15:09.953",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T20:06:38.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,632 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDC4407-7E92-4E60-82F0-0C87D1860D3A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "934D4E46-12C1-41DC-A28C-A2C430E965E4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2D3F18AF-84ED-473B-A8DF-65EB23C475AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "8FC46499-DB6E-48BF-9334-85EE27AFE7AF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "83A79DD6-E74E-419F-93F1-323B68502633"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "61959ACC-B608-4556-92AF-4D94B338907A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "A9D54EE6-30AF-411C-A285-A4DCB6C6EC06"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "C230D3BF-7FCE-405C-B62E-B9190C995C3C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "1FD62DCB-66D1-4CEA-828E-0BD302AC63CA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "F2D718BD-C4B7-48DB-BE78-B9CA22F27DD0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "0C3552E0-F793-4CDD-965D-457495475805"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:arm64:*",
"matchCriteriaId": "B2D24C54-F04F-4717-B614-FE67B3ED9DC0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "D5EC3F68-8F41-4F6B-B2E5-920322A4A321"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "306B7CE6-8239-4AED-9ED4-4C9F5B349F58"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "345FCD64-D37B-425B-B64C-8B1640B7E850"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A16AD2B0-2189-4E8E-B7FC-CE598CA1CB2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "734112B3-1383-4BE3-8721-C0F84566B764"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "36B0E40A-84EF-4099-A395-75D6B8CDA196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:4.7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3EF7A75E-EE27-4AA7-8D84-9D696728A4CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "5E491E46-1917-41FE-8F9A-BB0BDDEB42C3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "0A1BC97A-263E-4291-8AEF-02EE4E6031E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E039CE1F-B988-4741-AE2E-5B36E2AF9688"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:3.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "D400E856-2B2E-4CEA-8CA5-309FDF371CEA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "42A6DF09-B8E1-414D-97E7-453566055279"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32030",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-323xx/CVE-2023-32320.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-32320",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T21:15:09.287",
"lastModified": "2023-06-22T21:15:09.287",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When multiple requests are sent in parallel, all of them were executed even if the amount of faulty requests succeeded the limit by the time the response was sent to the client. This allowed someone to send as many requests the server could handle in parallel to bruteforce protected details instead of the configured limit, default 8. Nextcloud Server versions 25.0.7 and 26.0.2 and Nextcloud Enterprise Server versions 21.0.9.12, 22.2.10.12, 23.0.12.7, 24.0.12.2, 25.0.7 and 26.0.2 contain patches for this issue.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qphh-6xh7-vffg",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/nextcloud/server/pull/38274",
"source": "security-advisories@github.com"
},
{
"url": "https://hackerone.com/reports/1918525",
"source": "security-advisories@github.com"
}
]
}

24
CVE-2023/CVE-2023-325xx/CVE-2023-32571.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32571",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.640",
"lastModified": "2023-06-22T20:15:09.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zzzprojects/System.Linq.Dynamic.Core",
"source": "cve@mitre.org"
},
{
"url": "https://research.nccgroup.com/2023/06/13/dynamic-linq-injection-remote-code-execution-vulnerability-cve-2023-32571/",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-32xx/CVE-2023-3256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3256",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-06-22T17:15:44.757",
"lastModified": "2023-06-22T17:15:44.757",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

69
CVE-2023/CVE-2023-32xx/CVE-2023-3293.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3293",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-16T11:15:08.993",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:30:35.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,7 +58,7 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +66,53 @@
"value": "CWE-79"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:salesagility:suitecrm:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.0.3",
"matchCriteriaId": "711C2DCB-BDB7-4CE9-BB88-BEC402C0CBB1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/salesagility/suitecrm-core/commit/1f949f1ac2b7fe82f3c2c6071f842b804ba91929",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/22cb0ee3-e5da-40e0-9d2c-ace9b759f171",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-33xx/CVE-2023-3326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3326",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2023-06-22T17:15:44.833",
"lastModified": "2023-06-22T17:15:44.833",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-340xx/CVE-2023-34028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34028",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T15:15:13.403",
"lastModified": "2023-06-22T15:15:13.403",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-341xx/CVE-2023-34170.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34170",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T15:15:13.493",
"lastModified": "2023-06-22T15:15:13.493",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

79
CVE-2023/CVE-2023-342xx/CVE-2023-34250.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34250",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-13T22:15:09.663",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:06:03.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.0.4",
"matchCriteriaId": "E76C733A-34C7-43E4-8472-38BB12B2A746"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "B9BBED17-A6BA-4F17-8814-8D8521F28375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "888B8ECF-EBE0-4821-82F6-B0026E95E407"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta3:*:*:beta:*:*:*",
"matchCriteriaId": "FD0302B1-C0BA-49EE-8E1B-E8A43879BFC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta4:*:*:beta:*:*:*",
"matchCriteriaId": "1C4CEDDE-1495-4C7B-850A-0DABC6C3A42F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-q8m5-wmjr-3ppg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-342xx/CVE-2023-34251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34251",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-14T22:15:09.333",
"lastModified": "2023-06-15T12:39:22.420",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:11:53.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.7.42",
"matchCriteriaId": "758F84B9-A2EC-45D8-86DD-B309DB02B9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/getgrav/grav/blob/develop/system/src/Grav/Common/Twig/Extension/GravExtension.php#L174",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/getgrav/grav/commit/9d01140a63c77075ef09b26ef57cf186138151a5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/getgrav/grav/security/advisories/GHSA-f9jf-4cp4-4fq5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-345xx/CVE-2023-34548.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34548",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T15:15:09.633",
"lastModified": "2023-06-16T16:41:02.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-22T21:52:18.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Simple Customer Relationship Management 1.0 is vulnerable to SQL Injection via the email parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_customer_relationship_management_project:simple_customer_relationship_management:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9417775-9111-4957-8210-D2CC91BB496A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/SCRMS-2023-05-27-1.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-345xx/CVE-2023-34553.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34553",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T21:15:09.367",
"lastModified": "2023-06-22T21:15:09.367",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack."
}
],
"metrics": {},
"references": [
{
"url": "https://ashallen.net/wireless-smart-lock-vulnerability-disclosure",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-347xx/CVE-2023-34796.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34796",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T19:15:08.917",
"lastModified": "2023-06-22T19:15:08.917",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-349xx/CVE-2023-34923.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34923",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T19:15:08.987",
"lastModified": "2023-06-22T19:15:08.987",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

32
CVE-2023/CVE-2023-351xx/CVE-2023-35131.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-35131",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-06-22T21:15:09.413",
"lastModified": "2023-06-22T21:15:09.413",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Content on the groups page required additional sanitizing to prevent an XSS risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8 and 3.11 to 3.11.14."
}
],
"metrics": {},
"weaknesses": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://moodle.org/mod/forum/discuss.php?d=447829",
"source": "patrick@puiterwijk.org"
}
]
}

32
CVE-2023/CVE-2023-351xx/CVE-2023-35132.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-35132",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-06-22T21:15:09.470",
"lastModified": "2023-06-22T21:15:09.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A limited SQL injection risk was identified on the Mnet SSO access control page. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://moodle.org/mod/forum/discuss.php?d=447830",
"source": "patrick@puiterwijk.org"
}
]
}

32
CVE-2023/CVE-2023-351xx/CVE-2023-35133.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-35133",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-06-22T21:15:09.520",
"lastModified": "2023-06-22T21:15:09.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in the logic used to check 0.0.0.0 against the cURL blocked hosts lists resulted in an SSRF risk. This flaw affects Moodle versions 4.2, 4.1 to 4.1.3, 4.0 to 4.0.8, 3.11 to 3.11.14, 3.9 to 3.9.21 and earlier unsupported versions."
}
],
"metrics": {},
"weaknesses": [
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://moodle.org/mod/forum/discuss.php?d=447831",
"source": "patrick@puiterwijk.org"
}
]
}

4
CVE-2023/CVE-2023-360xx/CVE-2023-36093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36093",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T15:15:13.580",
"lastModified": "2023-06-22T15:15:13.580",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-360xx/CVE-2023-36097.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36097",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T15:15:13.630",
"lastModified": "2023-06-22T15:15:13.630",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-362xx/CVE-2023-36239.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36239",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T19:15:09.037",
"lastModified": "2023-06-22T19:15:09.037",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-362xx/CVE-2023-36243.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36243",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T19:15:09.090",
"lastModified": "2023-06-22T19:15:09.090",
"vulnStatus": "Received",
"lastModified": "2023-06-22T20:05:36.757",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2023/CVE-2023-363xx/CVE-2023-36354.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36354",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.687",
"lastModified": "2023-06-22T20:15:09.687",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-363xx/CVE-2023-36355.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36355",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.733",
"lastModified": "2023-06-22T20:15:09.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/9/TP-Link%20TL-WR940N%20wireless%20router%20userRpmWanDynamicIpV6CfgRpm%20buffer%20write%20out-of-bounds%20vulnerability.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-363xx/CVE-2023-36356.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36356",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.780",
"lastModified": "2023-06-22T20:15:09.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-363xx/CVE-2023-36357.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36357",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.823",
"lastModified": "2023-06-22T20:15:09.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-363xx/CVE-2023-36358.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36358",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.873",
"lastModified": "2023-06-22T20:15:09.873",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-363xx/CVE-2023-36359.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36359",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.920",
"lastModified": "2023-06-22T20:15:09.920",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md",
"source": "cve@mitre.org"
}
]
}

81
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-22T20:00:26.344287+00:00
2023-06-22T22:00:26.468317+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-22T19:50:47.797000+00:00
2023-06-22T21:52:18.317000+00:00
```
### Last Data Feed Release
@ -29,44 +29,65 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218284
218305
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `21`
* [CVE-2023-34796](CVE-2023/CVE-2023-347xx/CVE-2023-34796.json) (`2023-06-22T19:15:08.917`)
* [CVE-2023-34923](CVE-2023/CVE-2023-349xx/CVE-2023-34923.json) (`2023-06-22T19:15:08.987`)
* [CVE-2023-36239](CVE-2023/CVE-2023-362xx/CVE-2023-36239.json) (`2023-06-22T19:15:09.037`)
* [CVE-2023-36243](CVE-2023/CVE-2023-362xx/CVE-2023-36243.json) (`2023-06-22T19:15:09.090`)
* [CVE-2023-27083](CVE-2023/CVE-2023-270xx/CVE-2023-27083.json) (`2023-06-22T20:15:09.213`)
* [CVE-2023-28799](CVE-2023/CVE-2023-287xx/CVE-2023-28799.json) (`2023-06-22T20:15:09.283`)
* [CVE-2023-28800](CVE-2023/CVE-2023-288xx/CVE-2023-28800.json) (`2023-06-22T20:15:09.373`)
* [CVE-2023-2989](CVE-2023/CVE-2023-29xx/CVE-2023-2989.json) (`2023-06-22T20:15:09.453`)
* [CVE-2023-2990](CVE-2023/CVE-2023-29xx/CVE-2023-2990.json) (`2023-06-22T20:15:09.520`)
* [CVE-2023-2991](CVE-2023/CVE-2023-29xx/CVE-2023-2991.json) (`2023-06-22T20:15:09.580`)
* [CVE-2023-32571](CVE-2023/CVE-2023-325xx/CVE-2023-32571.json) (`2023-06-22T20:15:09.640`)
* [CVE-2023-36354](CVE-2023/CVE-2023-363xx/CVE-2023-36354.json) (`2023-06-22T20:15:09.687`)
* [CVE-2023-36355](CVE-2023/CVE-2023-363xx/CVE-2023-36355.json) (`2023-06-22T20:15:09.733`)
* [CVE-2023-36356](CVE-2023/CVE-2023-363xx/CVE-2023-36356.json) (`2023-06-22T20:15:09.780`)
* [CVE-2023-36357](CVE-2023/CVE-2023-363xx/CVE-2023-36357.json) (`2023-06-22T20:15:09.823`)
* [CVE-2023-36358](CVE-2023/CVE-2023-363xx/CVE-2023-36358.json) (`2023-06-22T20:15:09.873`)
* [CVE-2023-36359](CVE-2023/CVE-2023-363xx/CVE-2023-36359.json) (`2023-06-22T20:15:09.920`)
* [CVE-2023-28094](CVE-2023/CVE-2023-280xx/CVE-2023-28094.json) (`2023-06-22T21:15:09.163`)
* [CVE-2023-30347](CVE-2023/CVE-2023-303xx/CVE-2023-30347.json) (`2023-06-22T21:15:09.240`)
* [CVE-2023-32320](CVE-2023/CVE-2023-323xx/CVE-2023-32320.json) (`2023-06-22T21:15:09.287`)
* [CVE-2023-34553](CVE-2023/CVE-2023-345xx/CVE-2023-34553.json) (`2023-06-22T21:15:09.367`)
* [CVE-2023-35131](CVE-2023/CVE-2023-351xx/CVE-2023-35131.json) (`2023-06-22T21:15:09.413`)
* [CVE-2023-35132](CVE-2023/CVE-2023-351xx/CVE-2023-35132.json) (`2023-06-22T21:15:09.470`)
* [CVE-2023-35133](CVE-2023/CVE-2023-351xx/CVE-2023-35133.json) (`2023-06-22T21:15:09.520`)
* [CVE-2023-3128](CVE-2023/CVE-2023-31xx/CVE-2023-3128.json) (`2023-06-22T21:15:09.573`)
### CVEs modified in the last Commit
Recently modified CVEs: `21`
Recently modified CVEs: `31`
* [CVE-2014-9708](CVE-2014/CVE-2014-97xx/CVE-2014-9708.json) (`2023-06-22T19:49:41.650`)
* [CVE-2016-7103](CVE-2016/CVE-2016-71xx/CVE-2016-7103.json) (`2023-06-22T19:50:11.053`)
* [CVE-2018-15505](CVE-2018/CVE-2018-155xx/CVE-2018-15505.json) (`2023-06-22T19:49:59.000`)
* [CVE-2018-15504](CVE-2018/CVE-2018-155xx/CVE-2018-15504.json) (`2023-06-22T19:50:47.797`)
* [CVE-2019-11358](CVE-2019/CVE-2019-113xx/CVE-2019-11358.json) (`2023-06-22T19:50:29.697`)
* [CVE-2020-7656](CVE-2020/CVE-2020-76xx/CVE-2020-7656.json) (`2023-06-22T19:49:24.680`)
* [CVE-2021-25322](CVE-2021/CVE-2021-253xx/CVE-2021-25322.json) (`2023-06-22T19:08:54.337`)
* [CVE-2021-25321](CVE-2021/CVE-2021-253xx/CVE-2021-25321.json) (`2023-06-22T19:09:02.960`)
* [CVE-2021-0945](CVE-2021/CVE-2021-09xx/CVE-2021-0945.json) (`2023-06-22T19:22:07.407`)
* [CVE-2021-0701](CVE-2021/CVE-2021-07xx/CVE-2021-0701.json) (`2023-06-22T19:22:22.497`)
* [CVE-2022-31251](CVE-2022/CVE-2022-312xx/CVE-2022-31251.json) (`2023-06-22T19:08:16.437`)
* [CVE-2023-3233](CVE-2023/CVE-2023-32xx/CVE-2023-3233.json) (`2023-06-22T18:04:20.843`)
* [CVE-2023-2569](CVE-2023/CVE-2023-25xx/CVE-2023-2569.json) (`2023-06-22T18:06:50.047`)
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-06-22T18:15:09.443`)
* [CVE-2023-31541](CVE-2023/CVE-2023-315xx/CVE-2023-31541.json) (`2023-06-22T19:15:37.720`)
* [CVE-2023-21135](CVE-2023/CVE-2023-211xx/CVE-2023-21135.json) (`2023-06-22T19:28:51.723`)
* [CVE-2023-21131](CVE-2023/CVE-2023-211xx/CVE-2023-21131.json) (`2023-06-22T19:32:33.063`)
* [CVE-2023-0837](CVE-2023/CVE-2023-08xx/CVE-2023-0837.json) (`2023-06-22T19:37:11.377`)
* [CVE-2023-26013](CVE-2023/CVE-2023-260xx/CVE-2023-26013.json) (`2023-06-22T19:43:22.267`)
* [CVE-2023-24936](CVE-2023/CVE-2023-249xx/CVE-2023-24936.json) (`2023-06-22T19:45:10.743`)
* [CVE-2023-25963](CVE-2023/CVE-2023-259xx/CVE-2023-25963.json) (`2023-06-22T19:48:48.483`)
* [CVE-2023-34028](CVE-2023/CVE-2023-340xx/CVE-2023-34028.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-34170](CVE-2023/CVE-2023-341xx/CVE-2023-34170.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-36093](CVE-2023/CVE-2023-360xx/CVE-2023-36093.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-36097](CVE-2023/CVE-2023-360xx/CVE-2023-36097.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-2611](CVE-2023/CVE-2023-26xx/CVE-2023-2611.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-3256](CVE-2023/CVE-2023-32xx/CVE-2023-3256.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-3326](CVE-2023/CVE-2023-33xx/CVE-2023-3326.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-34796](CVE-2023/CVE-2023-347xx/CVE-2023-34796.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-34923](CVE-2023/CVE-2023-349xx/CVE-2023-34923.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-36239](CVE-2023/CVE-2023-362xx/CVE-2023-36239.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-36243](CVE-2023/CVE-2023-362xx/CVE-2023-36243.json) (`2023-06-22T20:05:36.757`)
* [CVE-2023-32030](CVE-2023/CVE-2023-320xx/CVE-2023-32030.json) (`2023-06-22T20:06:38.743`)
* [CVE-2023-29326](CVE-2023/CVE-2023-293xx/CVE-2023-29326.json) (`2023-06-22T20:09:01.767`)
* [CVE-2023-29331](CVE-2023/CVE-2023-293xx/CVE-2023-29331.json) (`2023-06-22T20:10:36.950`)
* [CVE-2023-29337](CVE-2023/CVE-2023-293xx/CVE-2023-29337.json) (`2023-06-22T20:22:17.883`)
* [CVE-2023-26527](CVE-2023/CVE-2023-265xx/CVE-2023-26527.json) (`2023-06-22T20:23:48.613`)
* [CVE-2023-21115](CVE-2023/CVE-2023-211xx/CVE-2023-21115.json) (`2023-06-22T20:53:57.617`)
* [CVE-2023-21095](CVE-2023/CVE-2023-210xx/CVE-2023-21095.json) (`2023-06-22T20:58:35.673`)
* [CVE-2023-30179](CVE-2023/CVE-2023-301xx/CVE-2023-30179.json) (`2023-06-22T21:04:10.597`)
* [CVE-2023-34250](CVE-2023/CVE-2023-342xx/CVE-2023-34250.json) (`2023-06-22T21:06:03.937`)
* [CVE-2023-34251](CVE-2023/CVE-2023-342xx/CVE-2023-34251.json) (`2023-06-22T21:11:53.433`)
* [CVE-2023-2783](CVE-2023/CVE-2023-27xx/CVE-2023-2783.json) (`2023-06-22T21:15:46.663`)
* [CVE-2023-3293](CVE-2023/CVE-2023-32xx/CVE-2023-3293.json) (`2023-06-22T21:30:35.250`)
* [CVE-2023-26537](CVE-2023/CVE-2023-265xx/CVE-2023-26537.json) (`2023-06-22T21:40:29.110`)
* [CVE-2023-34548](CVE-2023/CVE-2023-345xx/CVE-2023-34548.json) (`2023-06-22T21:52:18.317`)
## Download and Usage