From 01b6955622b090e1041813d2140cf0fe9cab673e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Helmke?= Date: Fri, 5 May 2023 22:00:29 +0200 Subject: [PATCH] Auto-Update: 2023-05-05T20:00:25.295977+00:00 --- CVE-2020/CVE-2020-216xx/CVE-2020-21643.json | 64 +++++- CVE-2020/CVE-2020-236xx/CVE-2020-23647.json | 79 ++++++- CVE-2020/CVE-2020-239xx/CVE-2020-23930.json | 6 +- CVE-2020/CVE-2020-29xx/CVE-2020-2978.json | 12 +- CVE-2020/CVE-2020-49xx/CVE-2020-4914.json | 59 +++++ CVE-2021/CVE-2021-322xx/CVE-2021-32269.json | 6 +- CVE-2021/CVE-2021-322xx/CVE-2021-32270.json | 6 +- CVE-2021/CVE-2021-322xx/CVE-2021-32271.json | 6 +- CVE-2022/CVE-2022-250xx/CVE-2022-25091.json | 83 ++++++- CVE-2022/CVE-2022-252xx/CVE-2022-25276.json | 84 +++++++ CVE-2022/CVE-2022-271xx/CVE-2022-27146.json | 7 +- CVE-2022/CVE-2022-271xx/CVE-2022-27147.json | 7 +- CVE-2022/CVE-2022-271xx/CVE-2022-27148.json | 7 +- CVE-2022/CVE-2022-361xx/CVE-2022-36190.json | 7 +- CVE-2022/CVE-2022-361xx/CVE-2022-36191.json | 5 +- CVE-2022/CVE-2022-385xx/CVE-2022-38530.json | 6 +- CVE-2022/CVE-2022-385xx/CVE-2022-38583.json | 71 +++++- CVE-2022/CVE-2022-39xx/CVE-2022-3957.json | 6 +- CVE-2022/CVE-2022-413xx/CVE-2022-41397.json | 64 +++++- CVE-2022/CVE-2022-413xx/CVE-2022-41398.json | 64 +++++- CVE-2022/CVE-2022-413xx/CVE-2022-41399.json | 64 +++++- CVE-2022/CVE-2022-414xx/CVE-2022-41400.json | 64 +++++- CVE-2022/CVE-2022-430xx/CVE-2022-43039.json | 7 +- CVE-2022/CVE-2022-430xx/CVE-2022-43040.json | 8 +- CVE-2022/CVE-2022-438xx/CVE-2022-43866.json | 59 +++++ CVE-2022/CVE-2022-453xx/CVE-2022-45343.json | 7 +- CVE-2022/CVE-2022-464xx/CVE-2022-46489.json | 7 +- CVE-2022/CVE-2022-464xx/CVE-2022-46490.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47086.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47087.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47088.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47089.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47091.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47092.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47093.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47094.json | 7 +- CVE-2022/CVE-2022-470xx/CVE-2022-47095.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47653.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47654.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47656.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47657.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47658.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47659.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47660.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47661.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47662.json | 7 +- CVE-2022/CVE-2022-476xx/CVE-2022-47663.json | 7 +- CVE-2022/CVE-2022-478xx/CVE-2022-47874.json | 6 +- CVE-2022/CVE-2022-478xx/CVE-2022-47875.json | 6 +- CVE-2022/CVE-2022-478xx/CVE-2022-47876.json | 6 +- CVE-2022/CVE-2022-478xx/CVE-2022-47877.json | 6 +- CVE-2022/CVE-2022-478xx/CVE-2022-47878.json | 6 +- CVE-2023/CVE-2023-07xx/CVE-2023-0760.json | 6 +- CVE-2023/CVE-2023-22xx/CVE-2023-2246.json | 12 +- CVE-2023/CVE-2023-23xx/CVE-2023-2370.json | 61 ++++- CVE-2023/CVE-2023-23xx/CVE-2023-2371.json | 61 ++++- CVE-2023/CVE-2023-23xx/CVE-2023-2372.json | 73 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2380.json | 74 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2381.json | 74 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2382.json | 74 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2383.json | 74 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2384.json | 74 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2385.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2386.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2387.json | 74 +++++- CVE-2023/CVE-2023-23xx/CVE-2023-2388.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2389.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2390.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2391.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2392.json | 87 +++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2393.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2394.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2395.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2396.json | 75 ++++++- CVE-2023/CVE-2023-23xx/CVE-2023-2397.json | 73 +++++- CVE-2023/CVE-2023-24xx/CVE-2023-2408.json | 62 +++++- CVE-2023/CVE-2023-24xx/CVE-2023-2409.json | 63 +++++- CVE-2023/CVE-2023-24xx/CVE-2023-2410.json | 63 +++++- CVE-2023/CVE-2023-24xx/CVE-2023-2411.json | 63 +++++- CVE-2023/CVE-2023-24xx/CVE-2023-2412.json | 61 ++++- CVE-2023/CVE-2023-24xx/CVE-2023-2413.json | 63 +++++- CVE-2023/CVE-2023-24xx/CVE-2023-2427.json | 59 +++++ CVE-2023/CVE-2023-254xx/CVE-2023-25437.json | 82 ++++++- CVE-2023/CVE-2023-25xx/CVE-2023-2516.json | 59 +++++ CVE-2023/CVE-2023-275xx/CVE-2023-27559.json | 235 ++++++++++++++++++++ CVE-2023/CVE-2023-286xx/CVE-2023-28613.json | 8 +- CVE-2023/CVE-2023-294xx/CVE-2023-29471.json | 69 +++++- CVE-2023/CVE-2023-294xx/CVE-2023-29489.json | 85 ++++++- CVE-2023/CVE-2023-295xx/CVE-2023-29579.json | 14 +- CVE-2023/CVE-2023-295xx/CVE-2023-29582.json | 14 +- CVE-2023/CVE-2023-295xx/CVE-2023-29583.json | 14 +- CVE-2023/CVE-2023-301xx/CVE-2023-30123.json | 64 +++++- README.md | 141 ++++++++---- 93 files changed, 3438 insertions(+), 383 deletions(-) create mode 100644 CVE-2020/CVE-2020-49xx/CVE-2020-4914.json create mode 100644 CVE-2022/CVE-2022-252xx/CVE-2022-25276.json create mode 100644 CVE-2022/CVE-2022-438xx/CVE-2022-43866.json create mode 100644 CVE-2023/CVE-2023-24xx/CVE-2023-2427.json create mode 100644 CVE-2023/CVE-2023-25xx/CVE-2023-2516.json create mode 100644 CVE-2023/CVE-2023-275xx/CVE-2023-27559.json diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21643.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21643.json index 9f6fedefcaf..39da997fb12 100644 --- a/CVE-2020/CVE-2020-216xx/CVE-2020-21643.json +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21643.json @@ -2,19 +2,75 @@ "id": "CVE-2020-21643", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T20:15:13.267", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:18:58.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hongcms_project:hongcms:3.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5B8D6DB5-CC3D-4315-92A2-72E06A9AB4F3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Neeke/HongCMS/issues/15", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-236xx/CVE-2020-23647.json b/CVE-2020/CVE-2020-236xx/CVE-2020-23647.json index 6621a0aba6d..9be5d5feec4 100644 --- a/CVE-2020/CVE-2020-236xx/CVE-2020-23647.json +++ b/CVE-2020/CVE-2020-236xx/CVE-2020-23647.json @@ -2,19 +2,90 @@ "id": "CVE-2020-23647", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T20:15:13.320", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:23:40.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:boxbilling:boxbilling:4.19:*:*:*:*:*:*:*", + "matchCriteriaId": "AA36AFCC-3A24-482F-8138-E8E4C43AD583" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:boxbilling:boxbilling:4.19.1:*:*:*:*:*:*:*", + "matchCriteriaId": "EF1171AE-8A72-4E19-83B2-3C92050B138D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:boxbilling:boxbilling:4.20:*:*:*:*:*:*:*", + "matchCriteriaId": "BBADE36A-9529-4BA9-89F9-F463CC0E7AA1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:boxbilling:boxbilling:4.21:*:*:*:*:*:*:*", + "matchCriteriaId": "BD62AEA1-383F-4602-8674-D3CD1688642B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/boxbilling/boxbilling/issues/596", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-239xx/CVE-2020-23930.json b/CVE-2020/CVE-2020-239xx/CVE-2020-23930.json index d5eedab38f5..5fabf3b661e 100644 --- a/CVE-2020/CVE-2020-239xx/CVE-2020-23930.json +++ b/CVE-2020/CVE-2020-239xx/CVE-2020-23930.json @@ -2,7 +2,7 @@ "id": "CVE-2020-23930", "sourceIdentifier": "cve@mitre.org", "published": "2021-04-21T18:15:08.417", - "lastModified": "2021-04-22T19:06:13.230", + "lastModified": "2023-05-05T19:45:30.473", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndIncluding": "20200801", - "matchCriteriaId": "42CC576B-CFF8-4CF1-98E3-08DD76C7E865" + "versionEndExcluding": "1.0.1", + "matchCriteriaId": "CCA1FE1D-17AE-45F9-A7BD-A8316EE859D6" } ] } diff --git a/CVE-2020/CVE-2020-29xx/CVE-2020-2978.json b/CVE-2020/CVE-2020-29xx/CVE-2020-2978.json index 238adf35f82..f83d965800c 100644 --- a/CVE-2020/CVE-2020-29xx/CVE-2020-2978.json +++ b/CVE-2020/CVE-2020-29xx/CVE-2020-2978.json @@ -2,8 +2,8 @@ "id": "CVE-2020-2978", "sourceIdentifier": "secalert_us@oracle.com", "published": "2020-07-15T18:15:38.990", - "lastModified": "2022-06-30T19:55:21.783", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-05T19:15:14.877", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "nvd@nist.gov", + "source": "secalert_us@oracle.com", "type": "Primary", "cvssData": { "version": "3.1", @@ -37,7 +37,7 @@ "impactScore": 1.4 }, { - "source": "secalert_us@oracle.com", + "source": "nvd@nist.gov", "type": "Secondary", "cvssData": { "version": "3.1", @@ -128,6 +128,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/172183/Oracle-RMAN-Missing-Auditing.html", + "source": "secalert_us@oracle.com" + }, { "url": "https://databasesecurityninja.wordpress.com/2020/12/01/cve-2020-2978-rman-audit-table-point-in-time-recovery-not-logged/", "source": "secalert_us@oracle.com", diff --git a/CVE-2020/CVE-2020-49xx/CVE-2020-4914.json b/CVE-2020/CVE-2020-49xx/CVE-2020-4914.json new file mode 100644 index 00000000000..1da29351d79 --- /dev/null +++ b/CVE-2020/CVE-2020-49xx/CVE-2020-4914.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2020-4914", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-05-05T19:15:15.027", + "lastModified": "2023-05-05T19:15:15.027", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-613" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/191290", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/6967181", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-322xx/CVE-2021-32269.json b/CVE-2021/CVE-2021-322xx/CVE-2021-32269.json index 306d64c6321..d4307318f32 100644 --- a/CVE-2021/CVE-2021-322xx/CVE-2021-32269.json +++ b/CVE-2021/CVE-2021-322xx/CVE-2021-32269.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32269", "sourceIdentifier": "cve@mitre.org", "published": "2021-09-20T16:15:10.003", - "lastModified": "2021-10-02T02:45:27.260", + "lastModified": "2023-05-05T19:45:33.843", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndIncluding": "20200801", - "matchCriteriaId": "42CC576B-CFF8-4CF1-98E3-08DD76C7E865" + "versionEndExcluding": "1.0.1", + "matchCriteriaId": "CCA1FE1D-17AE-45F9-A7BD-A8316EE859D6" } ] } diff --git a/CVE-2021/CVE-2021-322xx/CVE-2021-32270.json b/CVE-2021/CVE-2021-322xx/CVE-2021-32270.json index 248381ff785..7805e49e66d 100644 --- a/CVE-2021/CVE-2021-322xx/CVE-2021-32270.json +++ b/CVE-2021/CVE-2021-322xx/CVE-2021-32270.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32270", "sourceIdentifier": "cve@mitre.org", "published": "2021-09-20T16:15:10.053", - "lastModified": "2021-10-02T02:45:59.773", + "lastModified": "2023-05-05T19:44:14.497", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndIncluding": "20200801", - "matchCriteriaId": "42CC576B-CFF8-4CF1-98E3-08DD76C7E865" + "versionEndExcluding": "1.0.1", + "matchCriteriaId": "CCA1FE1D-17AE-45F9-A7BD-A8316EE859D6" } ] } diff --git a/CVE-2021/CVE-2021-322xx/CVE-2021-32271.json b/CVE-2021/CVE-2021-322xx/CVE-2021-32271.json index 7c5488697c9..c84c195268b 100644 --- a/CVE-2021/CVE-2021-322xx/CVE-2021-32271.json +++ b/CVE-2021/CVE-2021-322xx/CVE-2021-32271.json @@ -2,7 +2,7 @@ "id": "CVE-2021-32271", "sourceIdentifier": "cve@mitre.org", "published": "2021-09-20T16:15:10.100", - "lastModified": "2021-10-02T02:47:08.797", + "lastModified": "2023-05-05T19:44:22.500", "vulnStatus": "Analyzed", "descriptions": [ { @@ -85,8 +85,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndIncluding": "20200801", - "matchCriteriaId": "42CC576B-CFF8-4CF1-98E3-08DD76C7E865" + "versionEndExcluding": "1.0.1", + "matchCriteriaId": "CCA1FE1D-17AE-45F9-A7BD-A8316EE859D6" } ] } diff --git a/CVE-2022/CVE-2022-250xx/CVE-2022-25091.json b/CVE-2022/CVE-2022-250xx/CVE-2022-25091.json index 6da33c91008..1b245dd6b60 100644 --- a/CVE-2022/CVE-2022-250xx/CVE-2022-25091.json +++ b/CVE-2022/CVE-2022-250xx/CVE-2022-25091.json @@ -2,35 +2,96 @@ "id": "CVE-2022-25091", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-27T21:15:10.343", - "lastModified": "2023-04-28T12:58:13.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:09:25.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Infopop Ultimate Bulletin Board up to v5.47a was discovered to allow all messages posted inside private forums to be disclosed by unauthenticated users via the quote reply feature." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:infopop:ultimate_bulletin_board:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.47a", + "matchCriteriaId": "D03092C2-9DE5-4093-A5B0-7D84D703C355" + } + ] + } + ] + } + ], "references": [ - { - "url": "http://www.infopop.com/support/ubbclassic/version5.html", - "source": "cve@mitre.org" - }, { "url": "https://marc.info/?l=vuln-dev&m=97486849231786&w=2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:954", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://web.archive.org/web/20030207100935/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://web.archive.org/web/20030207100935/http://www.infopop.com/support/ubbclassic/version5.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-252xx/CVE-2022-25276.json b/CVE-2022/CVE-2022-252xx/CVE-2022-25276.json new file mode 100644 index 00000000000..285617a45d8 --- /dev/null +++ b/CVE-2022/CVE-2022-252xx/CVE-2022-25276.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2022-25276", + "sourceIdentifier": "mlhess@drupal.org", + "published": "2023-04-26T15:15:08.663", + "lastModified": "2023-05-05T19:26:17.550", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "The Media oEmbed iframe route does not properly validate the iframe domain setting, which allows embeds to be displayed in the context of the primary domain. Under certain circumstances, this could lead to cross-site scripting, leaked cookies, or other vulnerabilities." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.3.0", + "versionEndExcluding": "9.3.19", + "matchCriteriaId": "513BA239-8C78-4A32-8CC7-30C1B238C865" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0", + "versionEndExcluding": "9.4.3", + "matchCriteriaId": "14FEC723-33EE-4E64-B221-86163C584F05" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://www.drupal.org/sa-core-2022-015", + "source": "mlhess@drupal.org", + "tags": [ + "Vendor Advisory" + ] + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-271xx/CVE-2022-27146.json b/CVE-2022/CVE-2022-271xx/CVE-2022-27146.json index d91e4fd3882..5a72143bd89 100644 --- a/CVE-2022/CVE-2022-271xx/CVE-2022-27146.json +++ b/CVE-2022/CVE-2022-271xx/CVE-2022-27146.json @@ -2,7 +2,7 @@ "id": "CVE-2022-27146", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-08T16:15:08.367", - "lastModified": "2022-04-14T19:36:56.187", + "lastModified": "2023-05-05T19:44:29.047", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,8 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:1.1.0-dev-rev1759-geb2d1e6dd:*:*:*:*:*:*:*", - "matchCriteriaId": "5667CC68-9892-443A-BE6D-F95FDE47737E" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0.0", + "matchCriteriaId": "CCC969A1-3F88-40F5-B4A1-54DA05DF081E" } ] } diff --git a/CVE-2022/CVE-2022-271xx/CVE-2022-27147.json b/CVE-2022/CVE-2022-271xx/CVE-2022-27147.json index e023ec68022..733a60ba343 100644 --- a/CVE-2022/CVE-2022-271xx/CVE-2022-27147.json +++ b/CVE-2022/CVE-2022-271xx/CVE-2022-27147.json @@ -2,7 +2,7 @@ "id": "CVE-2022-27147", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-08T16:15:08.407", - "lastModified": "2022-04-14T19:37:58.327", + "lastModified": "2023-05-05T19:41:18.380", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,8 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:1.1.0-dev-rev1727-g8be34973d-master:*:*:*:*:*:*:*", - "matchCriteriaId": "C0BF5844-AE9D-4B56-86AB-B56713DAA015" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0.0", + "matchCriteriaId": "CCC969A1-3F88-40F5-B4A1-54DA05DF081E" } ] } diff --git a/CVE-2022/CVE-2022-271xx/CVE-2022-27148.json b/CVE-2022/CVE-2022-271xx/CVE-2022-27148.json index ca2a74deebb..fea15be90f4 100644 --- a/CVE-2022/CVE-2022-271xx/CVE-2022-27148.json +++ b/CVE-2022/CVE-2022-271xx/CVE-2022-27148.json @@ -2,7 +2,7 @@ "id": "CVE-2022-27148", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-08T16:15:08.450", - "lastModified": "2022-04-14T19:42:24.923", + "lastModified": "2023-05-05T19:41:23.447", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,8 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:1.1.0-dev-rev1663-g881c6a94a-master:*:*:*:*:*:*:*", - "matchCriteriaId": "ED23D558-DB7D-4E19-95AF-246D9B98711E" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0.0", + "matchCriteriaId": "CCC969A1-3F88-40F5-B4A1-54DA05DF081E" } ] } diff --git a/CVE-2022/CVE-2022-361xx/CVE-2022-36190.json b/CVE-2022/CVE-2022-361xx/CVE-2022-36190.json index 043c0e15c22..27a7d9f2a11 100644 --- a/CVE-2022/CVE-2022-361xx/CVE-2022-36190.json +++ b/CVE-2022/CVE-2022-361xx/CVE-2022-36190.json @@ -2,7 +2,7 @@ "id": "CVE-2022-36190", "sourceIdentifier": "cve@mitre.org", "published": "2022-08-17T15:15:08.543", - "lastModified": "2022-08-18T19:49:54.633", + "lastModified": "2023-05-05T19:41:29.807", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1:dev:*:*:*:*:*:*", - "matchCriteriaId": "2963671B-FA29-45DB-80B0-92F9E55F5159" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-361xx/CVE-2022-36191.json b/CVE-2022/CVE-2022-361xx/CVE-2022-36191.json index 0097ff1ce0c..61f28a39342 100644 --- a/CVE-2022/CVE-2022-361xx/CVE-2022-36191.json +++ b/CVE-2022/CVE-2022-361xx/CVE-2022-36191.json @@ -2,7 +2,7 @@ "id": "CVE-2022-36191", "sourceIdentifier": "cve@mitre.org", "published": "2022-08-17T16:15:07.920", - "lastModified": "2022-08-19T01:39:53.460", + "lastModified": "2023-05-05T19:44:35.683", "vulnStatus": "Analyzed", "descriptions": [ { @@ -60,7 +60,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "matchCriteriaId": "6F1A2370-7E7A-4F71-BAE8-93CDF9F0E642" + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-385xx/CVE-2022-38530.json b/CVE-2022/CVE-2022-385xx/CVE-2022-38530.json index ab2ff6402d3..20aad359f42 100644 --- a/CVE-2022/CVE-2022-385xx/CVE-2022-38530.json +++ b/CVE-2022/CVE-2022-385xx/CVE-2022-38530.json @@ -2,7 +2,7 @@ "id": "CVE-2022-38530", "sourceIdentifier": "cve@mitre.org", "published": "2022-09-06T23:15:09.010", - "lastModified": "2022-09-10T02:51:05.627", + "lastModified": "2023-05-05T19:41:13.080", "vulnStatus": "Analyzed", "descriptions": [ { @@ -60,8 +60,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2022-07-12", - "matchCriteriaId": "723D7922-1E70-49FA-8BA1-8670B06FC612" + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-385xx/CVE-2022-38583.json b/CVE-2022/CVE-2022-385xx/CVE-2022-38583.json index 6d6ce566da2..fdc5a01e72c 100644 --- a/CVE-2022/CVE-2022-385xx/CVE-2022-38583.json +++ b/CVE-2022/CVE-2022-385xx/CVE-2022-38583.json @@ -2,23 +2,84 @@ "id": "CVE-2022-38583", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T13:15:13.313", - "lastModified": "2023-04-28T14:11:00.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:00:52.370", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "On versions of Sage 300 2017 - 2022 (6.4.x - 6.9.x) which are setup in a \"Windows Peer-to-Peer Network\" or \"Client Server Network\" configuration, a low-privileged Sage 300 workstation user could abuse their access to the \"SharedData\" folder on the connected Sage 300 server to view and/or modify the credentials associated with Sage 300 users and SQL accounts to impersonate users and/or access the SQL database as a system administrator. With system administrator-level access to the Sage 300 MS SQL database it would be possible to create, update, and delete all records associated with the program and, depending on the configuration, execute code on the underlying database server." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2017", + "versionEndIncluding": "2022", + "matchCriteriaId": "A29C9EFF-0209-4D1D-97EA-22B0DE2BF56B" + } + ] + } + ] + } + ], "references": [ { "url": "http://sage.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.controlgap.com/blog/sage-300-case-study", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-39xx/CVE-2022-3957.json b/CVE-2022/CVE-2022-39xx/CVE-2022-3957.json index d5a55bb2ecf..fe4dcbd5ddc 100644 --- a/CVE-2022/CVE-2022-39xx/CVE-2022-3957.json +++ b/CVE-2022/CVE-2022-39xx/CVE-2022-3957.json @@ -2,7 +2,7 @@ "id": "CVE-2022-3957", "sourceIdentifier": "cna@vuldb.com", "published": "2022-11-11T16:15:16.707", - "lastModified": "2022-11-16T15:57:10.407", + "lastModified": "2023-05-05T19:45:44.160", "vulnStatus": "Analyzed", "descriptions": [ { @@ -90,8 +90,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2022-11-07", - "matchCriteriaId": "79ABC495-1E0C-4921-8A64-8D8F997447B1" + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-413xx/CVE-2022-41397.json b/CVE-2022/CVE-2022-413xx/CVE-2022-41397.json index 029987d24f2..6fdba457546 100644 --- a/CVE-2022/CVE-2022-413xx/CVE-2022-41397.json +++ b/CVE-2022/CVE-2022-413xx/CVE-2022-41397.json @@ -2,19 +2,75 @@ "id": "CVE-2022-41397", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T13:15:13.417", - "lastModified": "2023-04-28T14:11:00.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:01:24.683", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The optional Web Screens and Global Search features for Sage 300 through version 2022 use a hard-coded 40-byte blowfish key (\"LandlordPassKey\") to encrypt and decrypt secrets stored in configuration files and in database tables." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2022", + "matchCriteriaId": "F8A63515-64F4-4132-B748-C4759CBA67FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.sage.com/en-ca/products/sage-300/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-413xx/CVE-2022-41398.json b/CVE-2022/CVE-2022-413xx/CVE-2022-41398.json index 432fd67bc41..3cf3665ef52 100644 --- a/CVE-2022/CVE-2022-413xx/CVE-2022-41398.json +++ b/CVE-2022/CVE-2022-413xx/CVE-2022-41398.json @@ -2,19 +2,75 @@ "id": "CVE-2022-41398", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T13:15:13.460", - "lastModified": "2023-04-28T14:11:00.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:02:07.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attackers to login to the Solr dashboard with admin privileges and access sensitive information." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2022", + "matchCriteriaId": "F8A63515-64F4-4132-B748-C4759CBA67FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.sage.com/en-ca/products/sage-300/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-413xx/CVE-2022-41399.json b/CVE-2022/CVE-2022-413xx/CVE-2022-41399.json index ea4ac9963b9..7c6a1924fe6 100644 --- a/CVE-2022/CVE-2022-413xx/CVE-2022-41399.json +++ b/CVE-2022/CVE-2022-413xx/CVE-2022-41399.json @@ -2,19 +2,75 @@ "id": "CVE-2022-41399", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T13:15:13.510", - "lastModified": "2023-04-28T14:11:00.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:02:32.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The optional Web Screens feature for Sage 300 through version 2022 uses a hard-coded 40-byte blowfish key (\"PASS_KEY\") to encrypt and decrypt the database connection string for the PORTAL database found in the \"dbconfig.xml\". This issue could allow attackers to obtain access to the SQL database." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2022", + "matchCriteriaId": "F8A63515-64F4-4132-B748-C4759CBA67FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.sage.com/en-ca/products/sage-300/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-414xx/CVE-2022-41400.json b/CVE-2022/CVE-2022-414xx/CVE-2022-41400.json index ff7d87a3943..cea743f8ea2 100644 --- a/CVE-2022/CVE-2022-414xx/CVE-2022-41400.json +++ b/CVE-2022/CVE-2022-414xx/CVE-2022-41400.json @@ -2,19 +2,75 @@ "id": "CVE-2022-41400", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T13:15:13.560", - "lastModified": "2023-04-28T14:11:00.307", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:03:05.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Sage 300 through 2022 uses a hard-coded 40-byte blowfish key to encrypt and decrypt user passwords and SQL connection strings stored in ISAM database files in the shared data directory. This issue could allow attackers to decrypt user passwords and SQL connection strings." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-798" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2022", + "matchCriteriaId": "F8A63515-64F4-4132-B748-C4759CBA67FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.sage.com/en-ca/products/sage-300/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-430xx/CVE-2022-43039.json b/CVE-2022/CVE-2022-430xx/CVE-2022-43039.json index 00d43d9ec1e..59949be219d 100644 --- a/CVE-2022/CVE-2022-430xx/CVE-2022-43039.json +++ b/CVE-2022/CVE-2022-430xx/CVE-2022-43039.json @@ -2,7 +2,7 @@ "id": "CVE-2022-43039", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-19T14:15:10.137", - "lastModified": "2022-10-20T20:35:36.927", + "lastModified": "2023-05-05T19:58:27.320", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev368-gfd054169b-master:*:*:*:*:*:*:*", - "matchCriteriaId": "067978CE-DD7C-450D-9EB3-45790EE43C5B" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-430xx/CVE-2022-43040.json b/CVE-2022/CVE-2022-430xx/CVE-2022-43040.json index af79deb9d44..645e3d005ab 100644 --- a/CVE-2022/CVE-2022-430xx/CVE-2022-43040.json +++ b/CVE-2022/CVE-2022-430xx/CVE-2022-43040.json @@ -2,7 +2,7 @@ "id": "CVE-2022-43040", "sourceIdentifier": "cve@mitre.org", "published": "2022-10-19T14:15:10.183", - "lastModified": "2022-10-20T20:45:02.443", + "lastModified": "2023-05-05T19:41:54.217", "vulnStatus": "Analyzed", "descriptions": [ { @@ -59,8 +59,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev368-gfd054169b-master:*:*:*:*:*:*:*", - "matchCriteriaId": "067978CE-DD7C-450D-9EB3-45790EE43C5B" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } @@ -73,6 +74,7 @@ "source": "cve@mitre.org", "tags": [ "Exploit", + "Issue Tracking", "Third Party Advisory" ] } diff --git a/CVE-2022/CVE-2022-438xx/CVE-2022-43866.json b/CVE-2022/CVE-2022-438xx/CVE-2022-43866.json new file mode 100644 index 00000000000..5e98ba11d62 --- /dev/null +++ b/CVE-2022/CVE-2022-438xx/CVE-2022-43866.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2022-43866", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-05-05T19:15:15.157", + "lastModified": "2023-05-05T19:15:15.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239436." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239436", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://https://www.ibm.com/support/pages/node/6983534", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-453xx/CVE-2022-45343.json b/CVE-2022/CVE-2022-453xx/CVE-2022-45343.json index e58b7aca76a..de142b69604 100644 --- a/CVE-2022/CVE-2022-453xx/CVE-2022-45343.json +++ b/CVE-2022/CVE-2022-453xx/CVE-2022-45343.json @@ -2,7 +2,7 @@ "id": "CVE-2022-45343", "sourceIdentifier": "cve@mitre.org", "published": "2022-11-29T16:15:09.293", - "lastModified": "2022-12-01T21:16:10.447", + "lastModified": "2023-05-05T19:44:42.427", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev478-g696e6f868-master:*:*:*:*:*:*:*", - "matchCriteriaId": "B4C54024-19DB-4798-BA3E-3AAB0CC5D1C2" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46489.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46489.json index 69fc519d926..9e3d433b62d 100644 --- a/CVE-2022/CVE-2022-464xx/CVE-2022-46489.json +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46489.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46489", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.483", - "lastModified": "2023-01-11T21:10:35.307", + "lastModified": "2023-05-05T19:42:28.817", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev505-gb9577e6ad-master:*:*:*:*:*:*:*", - "matchCriteriaId": "5FAAFA5C-56EA-4F6E-AB6F-3769BF7C1E48" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46490.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46490.json index 77d6cf0b5b1..fd4057ed862 100644 --- a/CVE-2022/CVE-2022-464xx/CVE-2022-46490.json +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46490.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46490", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.527", - "lastModified": "2023-01-11T21:14:23.303", + "lastModified": "2023-05-05T19:44:22.603", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev505-gb9577e6ad-master:*:*:*:*:*:*:*", - "matchCriteriaId": "5FAAFA5C-56EA-4F6E-AB6F-3769BF7C1E48" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47086.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47086.json index e96ace0a9d0..dd4202bc334 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47086.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47086.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47086", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.573", - "lastModified": "2023-01-11T21:15:50.883", + "lastModified": "2023-05-05T19:45:24.277", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47087.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47087.json index dcd9fc5e0a6..972ac4f1fc0 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47087.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47087.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47087", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.620", - "lastModified": "2023-01-11T20:54:41.547", + "lastModified": "2023-05-05T19:47:14.690", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47088.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47088.json index 50435b02eaf..d18fbde2f18 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47088.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47088.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47088", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.663", - "lastModified": "2023-01-11T19:50:39.307", + "lastModified": "2023-05-05T19:57:17.957", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47089.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47089.json index 2b2ff98a7d0..e5ca3615d46 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47089.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47089.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47089", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.707", - "lastModified": "2023-01-11T19:50:55.253", + "lastModified": "2023-05-05T19:54:20.850", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47091.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47091.json index 59c0881f65e..89c2965755a 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47091.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47091.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47091", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.750", - "lastModified": "2023-01-11T19:51:12.917", + "lastModified": "2023-05-05T19:50:47.057", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47092.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47092.json index 9ffb37f7af3..a5c9efa049b 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47092.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47092.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47092", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.793", - "lastModified": "2023-01-11T19:47:58.277", + "lastModified": "2023-05-05T19:40:22.817", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47093.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47093.json index 9528fc7ba40..5a3e0ae7371 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47093.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47093.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47093", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.837", - "lastModified": "2023-01-11T19:48:27.323", + "lastModified": "2023-05-05T19:51:18.837", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47094.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47094.json index a80bccc596a..6ec69710b30 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47094.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47094.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47094", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.880", - "lastModified": "2023-01-11T18:43:20.777", + "lastModified": "2023-05-05T19:40:26.283", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47095.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47095.json index cca0c1c22cd..12cde55183d 100644 --- a/CVE-2022/CVE-2022-470xx/CVE-2022-47095.json +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47095.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47095", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T15:15:10.927", - "lastModified": "2023-01-11T18:55:44.253", + "lastModified": "2023-05-05T19:40:30.743", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev574-g9d5bb184b:*:*:*:*:*:*:*", - "matchCriteriaId": "8CF86872-7B3E-48E8-A11D-EB335E8EDF13" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47653.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47653.json index 52e2ddbfe8c..3b218edf8e5 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47653.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47653.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47653", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:09.350", - "lastModified": "2023-01-11T19:46:46.903", + "lastModified": "2023-05-05T19:40:35.637", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev593-g007bf61a0:*:*:*:*:*:*:*", - "matchCriteriaId": "17272D71-DCDB-4C87-BCA6-6BF5C4823AFD" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47654.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47654.json index 3e028a416b1..3df57f2ae15 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47654.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47654.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47654", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:09.587", - "lastModified": "2023-01-11T21:03:33.680", + "lastModified": "2023-05-05T19:40:45.267", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev593-g007bf61a0:*:*:*:*:*:*:*", - "matchCriteriaId": "17272D71-DCDB-4C87-BCA6-6BF5C4823AFD" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47656.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47656.json index 2b48ed6f76b..7b481abe1cd 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47656.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47656.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47656", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:10.020", - "lastModified": "2023-01-11T20:27:59.477", + "lastModified": "2023-05-05T19:37:58.330", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev617-g85ce76efd:*:*:*:*:*:*:*", - "matchCriteriaId": "8A9D0E18-8F83-4A61-9B91-832F0AE315C3" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47657.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47657.json index 73dc8b2420d..1ca3d93c051 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47657.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47657.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47657", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:10.233", - "lastModified": "2023-01-11T20:30:05.487", + "lastModified": "2023-05-05T19:38:05.143", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev644-g5c4df2a67:*:*:*:*:*:*:*", - "matchCriteriaId": "413A71D3-6F9E-460D-81E6-3C98E7227B8C" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47658.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47658.json index 9f284fa025f..7aaf66f0f36 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47658.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47658.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47658", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:10.447", - "lastModified": "2023-01-11T20:49:42.707", + "lastModified": "2023-05-05T19:38:12.117", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev644-g5c4df2a67:*:*:*:*:*:*:*", - "matchCriteriaId": "413A71D3-6F9E-460D-81E6-3C98E7227B8C" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47659.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47659.json index 0f2334ff19d..ac37c01f6f4 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47659.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47659.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47659", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:10.670", - "lastModified": "2023-01-11T20:13:31.767", + "lastModified": "2023-05-05T19:39:01.907", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev644-g5c4df2a67:*:*:*:*:*:*:*", - "matchCriteriaId": "413A71D3-6F9E-460D-81E6-3C98E7227B8C" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47660.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47660.json index 0203afc024d..a158312638d 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47660.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47660.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47660", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:10.890", - "lastModified": "2023-01-11T20:20:28.257", + "lastModified": "2023-05-05T19:39:08.303", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev644-g5c4df2a67:*:*:*:*:*:*:*", - "matchCriteriaId": "413A71D3-6F9E-460D-81E6-3C98E7227B8C" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47661.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47661.json index 9b3a0027c89..d81759dcdfc 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47661.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47661.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47661", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:11.103", - "lastModified": "2023-01-11T21:23:59.137", + "lastModified": "2023-05-05T19:37:33.643", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev649-ga8f438d20:*:*:*:*:*:*:*", - "matchCriteriaId": "D335BF6F-4F72-4D05-85C8-D21AE73E77F4" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47662.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47662.json index 4886da31f76..2a5977c45f5 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47662.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47662.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47662", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:11.400", - "lastModified": "2023-01-11T21:25:46.630", + "lastModified": "2023-05-05T19:49:30.243", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev649-ga8f438d20:*:*:*:*:*:*:*", - "matchCriteriaId": "D335BF6F-4F72-4D05-85C8-D21AE73E77F4" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47663.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47663.json index fa63db0cb9b..228e67b2890 100644 --- a/CVE-2022/CVE-2022-476xx/CVE-2022-47663.json +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47663.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47663", "sourceIdentifier": "cve@mitre.org", "published": "2023-01-05T16:15:11.623", - "lastModified": "2023-01-11T21:26:17.663", + "lastModified": "2023-05-05T19:50:24.380", "vulnStatus": "Analyzed", "descriptions": [ { @@ -55,8 +55,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:gpac:gpac:2.1-dev-rev649-ga8f438d20:*:*:*:*:*:*:*", - "matchCriteriaId": "D335BF6F-4F72-4D05-85C8-D21AE73E77F4" + "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2022/CVE-2022-478xx/CVE-2022-47874.json b/CVE-2022/CVE-2022-478xx/CVE-2022-47874.json index a6836326203..78219adbb6e 100644 --- a/CVE-2022/CVE-2022-478xx/CVE-2022-47874.json +++ b/CVE-2022/CVE-2022-478xx/CVE-2022-47874.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47874", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-02T20:15:10.423", - "lastModified": "2023-05-03T10:33:50.897", + "lastModified": "2023-05-05T19:15:15.223", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://packetstormsecurity.com/files/172156/Jedox-2020.2.5-Database-Credential-Disclosure.html", + "source": "cve@mitre.org" + }, { "url": "https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf", "source": "cve@mitre.org" diff --git a/CVE-2022/CVE-2022-478xx/CVE-2022-47875.json b/CVE-2022/CVE-2022-478xx/CVE-2022-47875.json index 6c58d189c45..5e86fb15663 100644 --- a/CVE-2022/CVE-2022-478xx/CVE-2022-47875.json +++ b/CVE-2022/CVE-2022-478xx/CVE-2022-47875.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47875", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-02T20:15:10.483", - "lastModified": "2023-05-03T10:33:50.897", + "lastModified": "2023-05-05T19:15:15.283", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://packetstormsecurity.com/files/172152/Jedox-2022.4.2-Directory-Traversal-Remote-Code-Execution.html", + "source": "cve@mitre.org" + }, { "url": "https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf", "source": "cve@mitre.org" diff --git a/CVE-2022/CVE-2022-478xx/CVE-2022-47876.json b/CVE-2022/CVE-2022-478xx/CVE-2022-47876.json index b4d8107d5cb..31d4e21bde7 100644 --- a/CVE-2022/CVE-2022-478xx/CVE-2022-47876.json +++ b/CVE-2022/CVE-2022-478xx/CVE-2022-47876.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47876", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-02T20:15:10.537", - "lastModified": "2023-05-03T10:33:50.897", + "lastModified": "2023-05-05T19:15:15.337", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://packetstormsecurity.com/files/172155/Jedox-2020.2.5-Groovy-Scripts-Remote-Code-Execution.html", + "source": "cve@mitre.org" + }, { "url": "https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf", "source": "cve@mitre.org" diff --git a/CVE-2022/CVE-2022-478xx/CVE-2022-47877.json b/CVE-2022/CVE-2022-478xx/CVE-2022-47877.json index bef8d29b6ff..de3b4a70f28 100644 --- a/CVE-2022/CVE-2022-478xx/CVE-2022-47877.json +++ b/CVE-2022/CVE-2022-478xx/CVE-2022-47877.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47877", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-02T20:15:10.590", - "lastModified": "2023-05-03T10:33:50.897", + "lastModified": "2023-05-05T19:15:15.393", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://packetstormsecurity.com/files/172153/Jedox-2020.2.5-Cross-Site-Scripting.html", + "source": "cve@mitre.org" + }, { "url": "https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf", "source": "cve@mitre.org" diff --git a/CVE-2022/CVE-2022-478xx/CVE-2022-47878.json b/CVE-2022/CVE-2022-478xx/CVE-2022-47878.json index d88a3b458b7..44ded73b9a3 100644 --- a/CVE-2022/CVE-2022-478xx/CVE-2022-47878.json +++ b/CVE-2022/CVE-2022-478xx/CVE-2022-47878.json @@ -2,7 +2,7 @@ "id": "CVE-2022-47878", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-02T20:15:10.647", - "lastModified": "2023-05-03T10:33:50.897", + "lastModified": "2023-05-05T19:15:15.447", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://packetstormsecurity.com/files/172154/Jedox-2020.2.5-Configurable-Storage-Path-Remote-Code-Execution.html", + "source": "cve@mitre.org" + }, { "url": "https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-07xx/CVE-2023-0760.json b/CVE-2023/CVE-2023-07xx/CVE-2023-0760.json index d47585f0db3..f93e6d2407d 100644 --- a/CVE-2023/CVE-2023-07xx/CVE-2023-0760.json +++ b/CVE-2023/CVE-2023-07xx/CVE-2023-0760.json @@ -2,7 +2,7 @@ "id": "CVE-2023-0760", "sourceIdentifier": "security@huntr.dev", "published": "2023-02-09T14:15:24.597", - "lastModified": "2023-02-16T14:40:56.080", + "lastModified": "2023-05-05T19:45:48.030", "vulnStatus": "Analyzed", "descriptions": [ { @@ -88,8 +88,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*", - "versionEndExcluding": "2023-02-09", - "matchCriteriaId": "DEDEEE65-7A6A-428B-8EE8-FDB7D4355C51" + "versionEndExcluding": "2.2.0", + "matchCriteriaId": "B4D3D58A-C3C9-4441-A84A-FB91FD19985C" } ] } diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2246.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2246.json index a872319ce6f..e0947332788 100644 --- a/CVE-2023/CVE-2023-22xx/CVE-2023-2246.json +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2246.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2246", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-23T16:15:07.107", - "lastModified": "2023-04-28T03:46:53.787", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-05T19:15:15.603", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -83,7 +83,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { @@ -93,7 +93,7 @@ ] }, { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -121,6 +121,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/172182/Online-Pizza-Ordering-System-1.0-Shell-Upload.html", + "source": "cna@vuldb.com" + }, { "url": "https://docs.google.com/document/d/1Bzt1UOXHJYyNFvTUsMO4zfbiDd_cKxuEygjAww2GcZQ/edit", "source": "cna@vuldb.com", diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2370.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2370.json index 96927557b89..1bfbb54aca6 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2370.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2370.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2370", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T14:15:10.807", - "lastModified": "2023-04-28T17:06:28.060", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:03:39.193", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_dj_management_system_project:online_dj_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EA6EE0BC-5D40-4EFC-BE67-D3A939B443E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/aieouZZ/bug_report/blob/main/SQLi-1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.227646", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227646", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2371.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2371.json index 4410d0801e5..611bf78a63a 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2371.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2371.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2371", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T14:15:10.863", - "lastModified": "2023-04-28T17:06:22.820", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:05:31.693", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_dj_management_system_project:online_dj_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EA6EE0BC-5D40-4EFC-BE67-D3A939B443E4" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/yoyoyoyoyohane/bug_report/blob/main/SQLi-1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.227647", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227647", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2372.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2372.json index 4be8333373a..acbfbfa004a 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2372.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2372.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2372", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T14:15:10.917", - "lastModified": "2023-04-28T17:06:22.820", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:06:09.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,59 @@ "value": "CWE-79" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_dj_management_system_project:online_dj_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "EA6EE0BC-5D40-4EFC-BE67-D3A939B443E4" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/yoyoyoyoyohane/bug_report/blob/main/XSS-1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.227648", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227648", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2380.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2380.json index 08bc59e896f..e85c448d369 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2380.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2380.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2380", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T17:15:43.130", - "lastModified": "2023-04-28T17:43:00.630", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:16:55.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/17", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227658", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227658", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2381.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2381.json index e1c46f75967..0c8dbbf4e2a 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2381.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2381.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2381", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T17:15:43.187", - "lastModified": "2023-04-28T17:43:00.630", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:16:29.463", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/6", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227659", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227659", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2382.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2382.json index 4094f2a4e19..c77e86b193c 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2382.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2382.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2382", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T17:15:43.240", - "lastModified": "2023-04-28T17:43:00.630", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:16:05.950", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/1", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227660", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227660", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2383.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2383.json index b30076e37de..10d07682cef 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2383.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2383.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2383", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T18:15:26.457", - "lastModified": "2023-04-28T18:25:52.200", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:17:13.490", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227661", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227661", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2384.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2384.json index 525f7d058fb..8caa87734b0 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2384.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2384.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2384", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T18:15:26.530", - "lastModified": "2023-04-28T18:25:52.200", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:18:08.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/3", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227662", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227662", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2385.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2385.json index 8bcbfcf0d33..75788378f2d 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2385.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2385.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2385", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T18:15:26.607", - "lastModified": "2023-04-28T18:25:52.200", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:18:32.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/5", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227663", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227663", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2386.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2386.json index 8cf1eec9ff8..3cf583b7840 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2386.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2386.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2386", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T19:15:16.863", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:34:24.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/7", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227664", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227664", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2387.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2387.json index 886afa255bd..d73a7388027 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2387.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2387.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2387", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T19:15:16.923", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:34:43.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,60 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/4", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227665", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227665", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2388.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2388.json index 772fc9a352a..f001bf0e2c8 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2388.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2388.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2388", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T20:15:14.020", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:35:05.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/8", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227666", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227666", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2389.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2389.json index 57a296673af..2d81c6441f5 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2389.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2389.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2389", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T20:15:14.090", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:35:44.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/9", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227667", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227667", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2390.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2390.json index 9e76a756207..d941271cf1d 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2390.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2390.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2390", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T20:15:14.167", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:36:04.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/10", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227668", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227668", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2391.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2391.json index 583677d6c79..19ac23ae3f4 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2391.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2391.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2391", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T21:15:08.827", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:36:22.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/11", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227669", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227669", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2392.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2392.json index 4d65f8f9d1c..bcfbaf5341b 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2392.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2392.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2392", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T21:15:08.900", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:36:48.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,73 @@ "value": "CWE-79" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/12", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227670", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227670", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2393.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2393.json index e94c86b0ad3..cf360d6ff04 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2393.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2393.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2393", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T21:15:08.963", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:27:26.553", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/13", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227671", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227671", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2394.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2394.json index 02c4ab9d2cc..5ab56b922fb 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2394.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2394.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2394", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T21:15:09.020", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:26:55.050", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/14", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227672", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227672", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2395.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2395.json index 1b09789cfe7..3dca931dc6f 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2395.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2395.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2395", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T22:15:09.130", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:31:07.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/15", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227673", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227673", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2396.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2396.json index ce90660ff29..ec01978408c 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2396.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2396.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2396", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T22:15:09.190", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:29:40.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:netgear:srx5308_firmware:4.3.5-3:*:*:*:*:*:*:*", + "matchCriteriaId": "33645096-A648-4674-8045-6EF6538D7E28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:netgear:srx5308:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5768789E-33BD-4F4C-A8B4-5F8D2FAE6F62" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/leetsun/IoT/tree/main/Netgear-SRX5308/16", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227674", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227674", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-23xx/CVE-2023-2397.json b/CVE-2023/CVE-2023-23xx/CVE-2023-2397.json index 2543cd4cfd3..e549a0426e5 100644 --- a/CVE-2023/CVE-2023-23xx/CVE-2023-2397.json +++ b/CVE-2023/CVE-2023-23xx/CVE-2023-2397.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2397", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T22:15:09.247", - "lastModified": "2023-04-28T22:22:40.580", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:34:00.993", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,59 @@ "value": "CWE-79" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simple_mobile_comparison_website_project:simple_mobile_comparison_website:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "819E4A1A-2355-4222-A684-B625872A8A54" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/sunyucheng0405/bug_report/blob/main/XSS-1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227675", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227675", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2408.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2408.json index 9b5c8d39b04..cab843164a9 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2408.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2408.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2408", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T23:15:08.267", - "lastModified": "2023-05-01T10:39:42.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:33:16.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yp1oneer/cve_hub/blob/main/AC%20Repair%20and%20Services%20System/SQL-Injection-1.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227702", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227702", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2409.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2409.json index 87b040101ba..2438b3af73f 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2409.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2409.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2409", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T23:15:08.337", - "lastModified": "2023-05-01T10:39:42.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:32:54.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yp1oneer/cve_hub/blob/main/AC%20Repair%20and%20Services%20System/SQL-Injection-2.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227703", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227703", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2410.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2410.json index 27784347e71..06a7fadc72a 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2410.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2410.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2410", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T23:15:08.397", - "lastModified": "2023-05-01T10:39:42.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:32:35.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yp1oneer/cve_hub/blob/main/AC%20Repair%20and%20Services%20System/SQL-Injection-3.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227704", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227704", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2411.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2411.json index 5a34808f315..d6ba01c905c 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2411.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2411.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2411", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-28T23:15:08.460", - "lastModified": "2023-05-01T10:39:42.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:32:04.407", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yp1oneer/cve_hub/blob/main/AC%20Repair%20and%20Services%20System/SQL-Injection-4.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227705", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227705", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2412.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2412.json index 7c50d13d67e..8b716d46d96 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2412.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2412.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2412", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-29T00:15:08.857", - "lastModified": "2023-05-01T10:39:42.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:26:27.330", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yp1oneer/cve_hub/blob/main/AC%20Repair%20and%20Services%20System/SQL-Injection-5.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227706", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227706", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2413.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2413.json index d339a5211b8..098f76e5618 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2413.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2413.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2413", "sourceIdentifier": "cna@vuldb.com", "published": "2023-04-29T00:15:08.937", - "lastModified": "2023-05-01T10:39:42.517", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:25:53.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Yp1oneer/cve_hub/blob/main/AC%20Repair%20and%20Services%20System/SQL-Injection-6.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.227707", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.227707", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2427.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2427.json new file mode 100644 index 00000000000..e0a06e74a9c --- /dev/null +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2427.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2427", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-05T19:15:15.687", + "lastModified": "2023-05-05T19:15:15.687", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thorsten/phpmyfaq/commit/514f4df2ad918e69575028d58b2e33aaf536e59b", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/89005a6d-d019-4cb7-ae88-486d2d44190d", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-254xx/CVE-2023-25437.json b/CVE-2023/CVE-2023-254xx/CVE-2023-25437.json index 97d0f9f1269..8d95db60e28 100644 --- a/CVE-2023/CVE-2023-254xx/CVE-2023-25437.json +++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25437.json @@ -2,23 +2,95 @@ "id": "CVE-2023-25437", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-27T21:15:10.630", - "lastModified": "2023-04-28T12:58:13.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:10:34.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in vTech VCS754 version 1.1.1.A before 1.1.1.H, allows attackers to gain escalated privileges and gain sensitive information due to cleartext passwords passed in the raw HTML." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:vtech:vcs754a_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.1.1.a", + "versionEndExcluding": "1.1.1.h", + "matchCriteriaId": "A1EB7660-274F-4619-905A-638027C35C4B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:vtech:vcs754a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "83D92E46-4C38-41A3-B46E-80AFED8E0C1F" + } + ] + } + ] + } + ], "references": [ { "url": "https://i.imgur.com/aDuiY8q.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://yechiel.xyz/vulnerability-in-vtechs-vcs754a-business-phones-exposes-sip-credentials", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2516.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2516.json new file mode 100644 index 00000000000..9e2b1d47dd3 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2516.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2516", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-05T19:15:15.763", + "lastModified": "2023-05-05T19:15:15.763", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/nilsteampassnet/teampass/commit/39b774cba118ca5383b0a51a71b1e7dea2761927", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/19470f0b-7094-4339-8d4a-4b5570b54716", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json new file mode 100644 index 00000000000..a27a915b50b --- /dev/null +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27559.json @@ -0,0 +1,235 @@ +{ + "id": "CVE-2023-27559", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-04-26T20:15:09.900", + "lastModified": "2023-05-05T19:40:43.037", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may crash when using a specially crafted subquery. IBM X-Force ID: 249196." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.1", + "versionEndExcluding": "11.1.4", + "matchCriteriaId": "421BBE95-3D5B-421A-9DC1-8B08D019B2A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.5", + "versionEndExcluding": "11.5.8", + "matchCriteriaId": "65161064-A4A3-48E5-AC0A-388429FF2F53" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:-:*:*:*:*:*:*", + "matchCriteriaId": "190AE881-F7BF-486E-BDAE-197337D70CDB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp1:*:*:*:*:*:*", + "matchCriteriaId": "8D1BAA43-4C77-4AC7-8561-93EDE0AED000" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp10:*:*:*:*:*:*", + "matchCriteriaId": "F6FDF4D8-1822-43E6-AE65-3E4F8743D3A3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp2:*:*:*:*:*:*", + "matchCriteriaId": "87C39880-D0E9-4487-9A80-B4D1A999032F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp3:*:*:*:*:*:*", + "matchCriteriaId": "8842A8B6-E470-4536-AB5D-DA1C62A05F58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp3a:*:*:*:*:*:*", + "matchCriteriaId": "92BF0482-E4FE-454E-84DD-27074097F3F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp4:*:*:*:*:*:*", + "matchCriteriaId": "3705A79B-7903-4055-9CDC-55D60D2AC2E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp5:*:*:*:*:*:*", + "matchCriteriaId": "CBDFCE61-EE04-4901-844D-61B8966C1B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp6:*:*:*:*:*:*", + "matchCriteriaId": "53A23363-413D-4785-B8C1-9AC2F96000EB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp7:*:*:*:*:*:*", + "matchCriteriaId": "6E22D884-A33F-41D7-84CB-B6360A39863F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp8:*:*:*:*:*:*", + "matchCriteriaId": "4DA56D35-93E9-4659-B180-2FD636A39BAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:10.5:fp9:*:*:*:*:*:*", + "matchCriteriaId": "6E7F0B02-EA0B-4BD1-AA0C-2A4735221963" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:-:*:*:*:*:*:*", + "matchCriteriaId": "7F91EC14-CD9A-42EB-9D81-6025A1D74749" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp1:*:*:*:*:*:*", + "matchCriteriaId": "5D098641-0833-4718-BB6A-273E1CA0F887" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp2:*:*:*:*:*:*", + "matchCriteriaId": "8B451F96-2A58-4758-86E6-F8A030805C51" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp3:*:*:*:*:*:*", + "matchCriteriaId": "69CBC98E-BECE-41A4-A0D9-9F3AC1602ABE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp4:*:*:*:*:*:*", + "matchCriteriaId": "20386F14-BC32-4174-9F3A-F7406486976A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp5:*:*:*:*:*:*", + "matchCriteriaId": "DD0DD54B-AB2E-4C56-B348-FF87C174270A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:db2:11.1.4:fp6:*:*:*:*:*:*", + "matchCriteriaId": "CC14EF40-FE00-47F9-8A78-98713F903D9C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249196", + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] + }, + { + "url": "https://https://www.ibm.com/support/pages/node/6985667", + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28613.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28613.json index 1cae56fd1fe..bebf919469f 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28613.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28613.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28613", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-04T16:15:07.407", - "lastModified": "2023-04-11T15:14:29.337", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-05T19:15:15.513", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -150,6 +150,10 @@ } ], "references": [ + { + "url": "http://packetstormsecurity.com/files/172177/Shannon-Baseband-Integer-Overflow.html", + "source": "cve@mitre.org" + }, { "url": "https://semiconductor.samsung.com/processor/mobile-processor/", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29471.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29471.json index 8f95c31745a..65b5d926a31 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29471.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29471.json @@ -2,23 +2,82 @@ "id": "CVE-2023-29471", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-27T21:15:10.710", - "lastModified": "2023-04-28T12:58:13.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:11:57.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-312" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lightbend:alpakka_kafka:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.2", + "matchCriteriaId": "5EC4C398-868B-45EB-9330-C40ABD6DA55F" + } + ] + } + ] + } + ], "references": [ { "url": "https://akka.io/security/alpakka-kafka-cve-2023-29471.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/akka/alpakka-kafka/issues/1592", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29489.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29489.json index e41ae46ca77..ad66c84da2f 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29489.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29489.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29489", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-27T21:15:10.783", - "lastModified": "2023-04-28T12:58:13.110", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:12:20.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cve@mitre.org", "type": "Secondary", @@ -34,14 +54,71 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.102.0.31", + "matchCriteriaId": "27895D75-07E6-4ED2-BEFE-9718E7418CB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.104.0", + "versionEndExcluding": "11.106.0.18", + "matchCriteriaId": "03CD2A77-1A0B-49EB-9C36-A38B57162FA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.108.0", + "versionEndExcluding": "11.108.0.13", + "matchCriteriaId": "3F193C33-6199-4643-A657-38D4C583250F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.109.0", + "versionEndExcluding": "11.109.9999.116", + "matchCriteriaId": "BAABB8A0-5588-4443-8505-7D0A3C16E979" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://forums.cpanel.net/threads/cpanel-tsr-2023-0001-full-disclosure.708949/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29579.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29579.json index 4f2e29d850c..714714f3d06 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29579.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29579.json @@ -2,7 +2,7 @@ "id": "CVE-2023-29579", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-24T13:15:07.440", - "lastModified": "2023-05-03T14:27:39.120", + "lastModified": "2023-05-05T18:04:17.810", "vulnStatus": "Analyzed", "descriptions": [ { @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "baseScore": 5.5, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, - "impactScore": 5.9 + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29582.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29582.json index 9b25eb24015..a118cef5c06 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29582.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29582.json @@ -2,7 +2,7 @@ "id": "CVE-2023-29582", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-24T13:15:07.483", - "lastModified": "2023-05-03T14:29:09.613", + "lastModified": "2023-05-05T18:04:22.130", "vulnStatus": "Analyzed", "descriptions": [ { @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "baseScore": 5.5, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, - "impactScore": 5.9 + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29583.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29583.json index 4072c5ec7a9..f1fe9022d38 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29583.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29583.json @@ -2,7 +2,7 @@ "id": "CVE-2023-29583", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-24T13:15:07.523", - "lastModified": "2023-05-03T13:10:25.220", + "lastModified": "2023-05-05T18:04:31.307", "vulnStatus": "Analyzed", "descriptions": [ { @@ -17,20 +17,20 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 7.8, - "baseSeverity": "HIGH" + "baseScore": 5.5, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.8, - "impactScore": 5.9 + "impactScore": 3.6 } ] }, diff --git a/CVE-2023/CVE-2023-301xx/CVE-2023-30123.json b/CVE-2023/CVE-2023-301xx/CVE-2023-30123.json index 35838c28ff9..7ef1d75722b 100644 --- a/CVE-2023/CVE-2023-301xx/CVE-2023-30123.json +++ b/CVE-2023/CVE-2023-301xx/CVE-2023-30123.json @@ -2,19 +2,75 @@ "id": "CVE-2023-30123", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-28T14:15:11.047", - "lastModified": "2023-04-28T17:06:22.820", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-05T18:06:27.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "wuzhicms v4.1.0 is vulnerable to Cross Site Scripting (XSS) in the Member Center, Account Settings." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2B76E69A-B2F3-4359-A7C0-046CEE2FAEEB" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/wuzhicms/wuzhicms/issues/205#issue-1635153937", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index d8c515dfbc3..cd1894632ec 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-05T18:00:24.352498+00:00 +2023-05-05T20:00:25.295977+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-05T17:57:32.067000+00:00 +2023-05-05T19:58:27.320000+00:00 ``` ### Last Data Feed Release @@ -29,58 +29,111 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -214161 +214165 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `4` -* [CVE-2023-26285](CVE-2023/CVE-2023-262xx/CVE-2023-26285.json) (`2023-05-05T16:15:09.300`) -* [CVE-2023-29659](CVE-2023/CVE-2023-296xx/CVE-2023-29659.json) (`2023-05-05T16:15:09.387`) -* [CVE-2023-32269](CVE-2023/CVE-2023-322xx/CVE-2023-32269.json) (`2023-05-05T17:15:09.623`) +* [CVE-2020-4914](CVE-2020/CVE-2020-49xx/CVE-2020-4914.json) (`2023-05-05T19:15:15.027`) +* [CVE-2022-43866](CVE-2022/CVE-2022-438xx/CVE-2022-43866.json) (`2023-05-05T19:15:15.157`) +* [CVE-2023-2427](CVE-2023/CVE-2023-24xx/CVE-2023-2427.json) (`2023-05-05T19:15:15.687`) +* [CVE-2023-2516](CVE-2023/CVE-2023-25xx/CVE-2023-2516.json) (`2023-05-05T19:15:15.763`) ### CVEs modified in the last Commit -Recently modified CVEs: `36` +Recently modified CVEs: `88` -* [CVE-2012-5872](CVE-2012/CVE-2012-58xx/CVE-2012-5872.json) (`2023-05-05T17:29:16.587`) -* [CVE-2020-4729](CVE-2020/CVE-2020-47xx/CVE-2020-4729.json) (`2023-05-05T17:22:10.933`) -* [CVE-2020-8597](CVE-2020/CVE-2020-85xx/CVE-2020-8597.json) (`2023-05-05T17:48:17.840`) -* [CVE-2021-27452](CVE-2021/CVE-2021-274xx/CVE-2021-27452.json) (`2023-05-05T17:00:28.207`) -* [CVE-2022-0108](CVE-2022/CVE-2022-01xx/CVE-2022-0108.json) (`2023-05-05T17:15:09.343`) -* [CVE-2022-43919](CVE-2022/CVE-2022-439xx/CVE-2022-43919.json) (`2023-05-05T16:27:24.373`) -* [CVE-2022-48481](CVE-2022/CVE-2022-484xx/CVE-2022-48481.json) (`2023-05-05T17:26:17.873`) -* [CVE-2023-1967](CVE-2023/CVE-2023-19xx/CVE-2023-1967.json) (`2023-05-05T17:14:43.903`) -* [CVE-2023-22665](CVE-2023/CVE-2023-226xx/CVE-2023-22665.json) (`2023-05-05T17:15:38.370`) -* [CVE-2023-22874](CVE-2023/CVE-2023-228xx/CVE-2023-22874.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-2322](CVE-2023/CVE-2023-23xx/CVE-2023-2322.json) (`2023-05-05T16:07:09.430`) -* [CVE-2023-2323](CVE-2023/CVE-2023-23xx/CVE-2023-2323.json) (`2023-05-05T16:05:58.873`) -* [CVE-2023-2356](CVE-2023/CVE-2023-23xx/CVE-2023-2356.json) (`2023-05-05T17:17:38.893`) -* [CVE-2023-2360](CVE-2023/CVE-2023-23xx/CVE-2023-2360.json) (`2023-05-05T17:54:49.673`) -* [CVE-2023-25358](CVE-2023/CVE-2023-253xx/CVE-2023-25358.json) (`2023-05-05T17:15:09.463`) -* [CVE-2023-27556](CVE-2023/CVE-2023-275xx/CVE-2023-27556.json) (`2023-05-05T17:20:33.150`) -* [CVE-2023-27557](CVE-2023/CVE-2023-275xx/CVE-2023-27557.json) (`2023-05-05T17:22:40.030`) -* [CVE-2023-28205](CVE-2023/CVE-2023-282xx/CVE-2023-28205.json) (`2023-05-05T17:15:09.547`) -* [CVE-2023-29932](CVE-2023/CVE-2023-299xx/CVE-2023-29932.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-29933](CVE-2023/CVE-2023-299xx/CVE-2023-29933.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-29934](CVE-2023/CVE-2023-299xx/CVE-2023-29934.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-29935](CVE-2023/CVE-2023-299xx/CVE-2023-29935.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-29939](CVE-2023/CVE-2023-299xx/CVE-2023-29939.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-29941](CVE-2023/CVE-2023-299xx/CVE-2023-29941.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-29942](CVE-2023/CVE-2023-299xx/CVE-2023-29942.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-30053](CVE-2023/CVE-2023-300xx/CVE-2023-30053.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-30054](CVE-2023/CVE-2023-300xx/CVE-2023-30054.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-30380](CVE-2023/CVE-2023-303xx/CVE-2023-30380.json) (`2023-05-05T17:16:16.607`) -* [CVE-2023-30434](CVE-2023/CVE-2023-304xx/CVE-2023-30434.json) (`2023-05-05T16:27:24.373`) -* [CVE-2023-30466](CVE-2023/CVE-2023-304xx/CVE-2023-30466.json) (`2023-05-05T17:27:07.267`) -* [CVE-2023-30467](CVE-2023/CVE-2023-304xx/CVE-2023-30467.json) (`2023-05-05T17:57:32.067`) -* [CVE-2023-30549](CVE-2023/CVE-2023-305xx/CVE-2023-30549.json) (`2023-05-05T16:43:37.560`) -* [CVE-2023-30848](CVE-2023/CVE-2023-308xx/CVE-2023-30848.json) (`2023-05-05T16:53:10.463`) -* [CVE-2023-30849](CVE-2023/CVE-2023-308xx/CVE-2023-30849.json) (`2023-05-05T17:01:26.523`) -* [CVE-2023-31286](CVE-2023/CVE-2023-312xx/CVE-2023-31286.json) (`2023-05-05T16:03:42.800`) -* [CVE-2023-31436](CVE-2023/CVE-2023-314xx/CVE-2023-31436.json) (`2023-05-05T17:24:37.710`) +* [CVE-2020-21643](CVE-2020/CVE-2020-216xx/CVE-2020-21643.json) (`2023-05-05T18:18:58.807`) +* [CVE-2020-23647](CVE-2020/CVE-2020-236xx/CVE-2020-23647.json) (`2023-05-05T18:23:40.227`) +* [CVE-2020-23930](CVE-2020/CVE-2020-239xx/CVE-2020-23930.json) (`2023-05-05T19:45:30.473`) +* [CVE-2020-2978](CVE-2020/CVE-2020-29xx/CVE-2020-2978.json) (`2023-05-05T19:15:14.877`) +* [CVE-2021-32269](CVE-2021/CVE-2021-322xx/CVE-2021-32269.json) (`2023-05-05T19:45:33.843`) +* [CVE-2021-32270](CVE-2021/CVE-2021-322xx/CVE-2021-32270.json) (`2023-05-05T19:44:14.497`) +* [CVE-2021-32271](CVE-2021/CVE-2021-322xx/CVE-2021-32271.json) (`2023-05-05T19:44:22.500`) +* [CVE-2022-25091](CVE-2022/CVE-2022-250xx/CVE-2022-25091.json) (`2023-05-05T18:09:25.867`) +* [CVE-2022-25276](CVE-2022/CVE-2022-252xx/CVE-2022-25276.json) (`2023-05-05T19:26:17.550`) +* [CVE-2022-27146](CVE-2022/CVE-2022-271xx/CVE-2022-27146.json) (`2023-05-05T19:44:29.047`) +* [CVE-2022-27147](CVE-2022/CVE-2022-271xx/CVE-2022-27147.json) (`2023-05-05T19:41:18.380`) +* [CVE-2022-27148](CVE-2022/CVE-2022-271xx/CVE-2022-27148.json) (`2023-05-05T19:41:23.447`) +* [CVE-2022-36190](CVE-2022/CVE-2022-361xx/CVE-2022-36190.json) (`2023-05-05T19:41:29.807`) +* [CVE-2022-36191](CVE-2022/CVE-2022-361xx/CVE-2022-36191.json) (`2023-05-05T19:44:35.683`) +* [CVE-2022-38530](CVE-2022/CVE-2022-385xx/CVE-2022-38530.json) (`2023-05-05T19:41:13.080`) +* [CVE-2022-38583](CVE-2022/CVE-2022-385xx/CVE-2022-38583.json) (`2023-05-05T18:00:52.370`) +* [CVE-2022-3957](CVE-2022/CVE-2022-39xx/CVE-2022-3957.json) (`2023-05-05T19:45:44.160`) +* [CVE-2022-41397](CVE-2022/CVE-2022-413xx/CVE-2022-41397.json) (`2023-05-05T18:01:24.683`) +* [CVE-2022-41398](CVE-2022/CVE-2022-413xx/CVE-2022-41398.json) (`2023-05-05T18:02:07.837`) +* [CVE-2022-41399](CVE-2022/CVE-2022-413xx/CVE-2022-41399.json) (`2023-05-05T18:02:32.277`) +* [CVE-2022-41400](CVE-2022/CVE-2022-414xx/CVE-2022-41400.json) (`2023-05-05T18:03:05.717`) +* [CVE-2022-43039](CVE-2022/CVE-2022-430xx/CVE-2022-43039.json) (`2023-05-05T19:58:27.320`) +* [CVE-2022-43040](CVE-2022/CVE-2022-430xx/CVE-2022-43040.json) (`2023-05-05T19:41:54.217`) +* [CVE-2022-45343](CVE-2022/CVE-2022-453xx/CVE-2022-45343.json) (`2023-05-05T19:44:42.427`) +* [CVE-2022-46489](CVE-2022/CVE-2022-464xx/CVE-2022-46489.json) (`2023-05-05T19:42:28.817`) +* [CVE-2022-46490](CVE-2022/CVE-2022-464xx/CVE-2022-46490.json) (`2023-05-05T19:44:22.603`) +* [CVE-2022-47086](CVE-2022/CVE-2022-470xx/CVE-2022-47086.json) (`2023-05-05T19:45:24.277`) +* [CVE-2022-47087](CVE-2022/CVE-2022-470xx/CVE-2022-47087.json) (`2023-05-05T19:47:14.690`) +* [CVE-2022-47088](CVE-2022/CVE-2022-470xx/CVE-2022-47088.json) (`2023-05-05T19:57:17.957`) +* [CVE-2022-47089](CVE-2022/CVE-2022-470xx/CVE-2022-47089.json) (`2023-05-05T19:54:20.850`) +* [CVE-2022-47091](CVE-2022/CVE-2022-470xx/CVE-2022-47091.json) (`2023-05-05T19:50:47.057`) +* [CVE-2022-47092](CVE-2022/CVE-2022-470xx/CVE-2022-47092.json) (`2023-05-05T19:40:22.817`) +* [CVE-2022-47093](CVE-2022/CVE-2022-470xx/CVE-2022-47093.json) (`2023-05-05T19:51:18.837`) +* [CVE-2022-47094](CVE-2022/CVE-2022-470xx/CVE-2022-47094.json) (`2023-05-05T19:40:26.283`) +* [CVE-2022-47095](CVE-2022/CVE-2022-470xx/CVE-2022-47095.json) (`2023-05-05T19:40:30.743`) +* [CVE-2022-47653](CVE-2022/CVE-2022-476xx/CVE-2022-47653.json) (`2023-05-05T19:40:35.637`) +* [CVE-2022-47654](CVE-2022/CVE-2022-476xx/CVE-2022-47654.json) (`2023-05-05T19:40:45.267`) +* [CVE-2022-47656](CVE-2022/CVE-2022-476xx/CVE-2022-47656.json) (`2023-05-05T19:37:58.330`) +* [CVE-2022-47657](CVE-2022/CVE-2022-476xx/CVE-2022-47657.json) (`2023-05-05T19:38:05.143`) +* [CVE-2022-47658](CVE-2022/CVE-2022-476xx/CVE-2022-47658.json) (`2023-05-05T19:38:12.117`) +* [CVE-2022-47659](CVE-2022/CVE-2022-476xx/CVE-2022-47659.json) (`2023-05-05T19:39:01.907`) +* [CVE-2022-47660](CVE-2022/CVE-2022-476xx/CVE-2022-47660.json) (`2023-05-05T19:39:08.303`) +* [CVE-2022-47661](CVE-2022/CVE-2022-476xx/CVE-2022-47661.json) (`2023-05-05T19:37:33.643`) +* [CVE-2022-47662](CVE-2022/CVE-2022-476xx/CVE-2022-47662.json) (`2023-05-05T19:49:30.243`) +* [CVE-2022-47663](CVE-2022/CVE-2022-476xx/CVE-2022-47663.json) (`2023-05-05T19:50:24.380`) +* [CVE-2022-47874](CVE-2022/CVE-2022-478xx/CVE-2022-47874.json) (`2023-05-05T19:15:15.223`) +* [CVE-2022-47875](CVE-2022/CVE-2022-478xx/CVE-2022-47875.json) (`2023-05-05T19:15:15.283`) +* [CVE-2022-47876](CVE-2022/CVE-2022-478xx/CVE-2022-47876.json) (`2023-05-05T19:15:15.337`) +* [CVE-2022-47877](CVE-2022/CVE-2022-478xx/CVE-2022-47877.json) (`2023-05-05T19:15:15.393`) +* [CVE-2022-47878](CVE-2022/CVE-2022-478xx/CVE-2022-47878.json) (`2023-05-05T19:15:15.447`) +* [CVE-2023-0760](CVE-2023/CVE-2023-07xx/CVE-2023-0760.json) (`2023-05-05T19:45:48.030`) +* [CVE-2023-2246](CVE-2023/CVE-2023-22xx/CVE-2023-2246.json) (`2023-05-05T19:15:15.603`) +* [CVE-2023-2370](CVE-2023/CVE-2023-23xx/CVE-2023-2370.json) (`2023-05-05T18:03:39.193`) +* [CVE-2023-2371](CVE-2023/CVE-2023-23xx/CVE-2023-2371.json) (`2023-05-05T18:05:31.693`) +* [CVE-2023-2372](CVE-2023/CVE-2023-23xx/CVE-2023-2372.json) (`2023-05-05T18:06:09.003`) +* [CVE-2023-2380](CVE-2023/CVE-2023-23xx/CVE-2023-2380.json) (`2023-05-05T18:16:55.040`) +* [CVE-2023-2381](CVE-2023/CVE-2023-23xx/CVE-2023-2381.json) (`2023-05-05T18:16:29.463`) +* [CVE-2023-2382](CVE-2023/CVE-2023-23xx/CVE-2023-2382.json) (`2023-05-05T18:16:05.950`) +* [CVE-2023-2383](CVE-2023/CVE-2023-23xx/CVE-2023-2383.json) (`2023-05-05T18:17:13.490`) +* [CVE-2023-2384](CVE-2023/CVE-2023-23xx/CVE-2023-2384.json) (`2023-05-05T18:18:08.037`) +* [CVE-2023-2385](CVE-2023/CVE-2023-23xx/CVE-2023-2385.json) (`2023-05-05T18:18:32.757`) +* [CVE-2023-2386](CVE-2023/CVE-2023-23xx/CVE-2023-2386.json) (`2023-05-05T18:34:24.343`) +* [CVE-2023-2387](CVE-2023/CVE-2023-23xx/CVE-2023-2387.json) (`2023-05-05T18:34:43.560`) +* [CVE-2023-2388](CVE-2023/CVE-2023-23xx/CVE-2023-2388.json) (`2023-05-05T18:35:05.630`) +* [CVE-2023-2389](CVE-2023/CVE-2023-23xx/CVE-2023-2389.json) (`2023-05-05T18:35:44.867`) +* [CVE-2023-2390](CVE-2023/CVE-2023-23xx/CVE-2023-2390.json) (`2023-05-05T18:36:04.617`) +* [CVE-2023-2391](CVE-2023/CVE-2023-23xx/CVE-2023-2391.json) (`2023-05-05T18:36:22.327`) +* [CVE-2023-2392](CVE-2023/CVE-2023-23xx/CVE-2023-2392.json) (`2023-05-05T18:36:48.723`) +* [CVE-2023-2393](CVE-2023/CVE-2023-23xx/CVE-2023-2393.json) (`2023-05-05T18:27:26.553`) +* [CVE-2023-2394](CVE-2023/CVE-2023-23xx/CVE-2023-2394.json) (`2023-05-05T18:26:55.050`) +* [CVE-2023-2395](CVE-2023/CVE-2023-23xx/CVE-2023-2395.json) (`2023-05-05T18:31:07.607`) +* [CVE-2023-2396](CVE-2023/CVE-2023-23xx/CVE-2023-2396.json) (`2023-05-05T18:29:40.190`) +* [CVE-2023-2397](CVE-2023/CVE-2023-23xx/CVE-2023-2397.json) (`2023-05-05T18:34:00.993`) +* [CVE-2023-2408](CVE-2023/CVE-2023-24xx/CVE-2023-2408.json) (`2023-05-05T18:33:16.700`) +* [CVE-2023-2409](CVE-2023/CVE-2023-24xx/CVE-2023-2409.json) (`2023-05-05T18:32:54.917`) +* [CVE-2023-2410](CVE-2023/CVE-2023-24xx/CVE-2023-2410.json) (`2023-05-05T18:32:35.533`) +* [CVE-2023-2411](CVE-2023/CVE-2023-24xx/CVE-2023-2411.json) (`2023-05-05T18:32:04.407`) +* [CVE-2023-2412](CVE-2023/CVE-2023-24xx/CVE-2023-2412.json) (`2023-05-05T18:26:27.330`) +* [CVE-2023-2413](CVE-2023/CVE-2023-24xx/CVE-2023-2413.json) (`2023-05-05T18:25:53.750`) +* [CVE-2023-25437](CVE-2023/CVE-2023-254xx/CVE-2023-25437.json) (`2023-05-05T18:10:34.587`) +* [CVE-2023-27559](CVE-2023/CVE-2023-275xx/CVE-2023-27559.json) (`2023-05-05T19:40:43.037`) +* [CVE-2023-28613](CVE-2023/CVE-2023-286xx/CVE-2023-28613.json) (`2023-05-05T19:15:15.513`) +* [CVE-2023-29471](CVE-2023/CVE-2023-294xx/CVE-2023-29471.json) (`2023-05-05T18:11:57.897`) +* [CVE-2023-29489](CVE-2023/CVE-2023-294xx/CVE-2023-29489.json) (`2023-05-05T18:12:20.760`) +* [CVE-2023-29579](CVE-2023/CVE-2023-295xx/CVE-2023-29579.json) (`2023-05-05T18:04:17.810`) +* [CVE-2023-29582](CVE-2023/CVE-2023-295xx/CVE-2023-29582.json) (`2023-05-05T18:04:22.130`) +* [CVE-2023-29583](CVE-2023/CVE-2023-295xx/CVE-2023-29583.json) (`2023-05-05T18:04:31.307`) +* [CVE-2023-30123](CVE-2023/CVE-2023-301xx/CVE-2023-30123.json) (`2023-05-05T18:06:27.517`) ## Download and Usage