admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-06T02:00:25.275361+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-06 02:00:29 +00:00
parent fd037177a8
commit 022a42e130
29 changed files with 1473 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2020/CVE-2020-361xx/CVE-2020-36130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36130",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-02T22:15:08.650",
"lastModified": "2021-12-03T15:43:24.147",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:12.423",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2020/CVE-2020-361xx/CVE-2020-36131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36131",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-02T22:15:08.693",
"lastModified": "2021-12-03T15:43:18.513",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:12.877",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2020/CVE-2020-361xx/CVE-2020-36133.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36133",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-02T22:15:08.733",
"lastModified": "2021-12-03T15:42:18.087",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:12.950",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2020/CVE-2020-361xx/CVE-2020-36135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36135",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-12-02T22:15:08.833",
"lastModified": "2021-12-03T16:11:06.837",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:13.023",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2021/CVE-2021-304xx/CVE-2021-30473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-30473",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-05-06T15:15:07.943",
"lastModified": "2021-06-17T16:58:41.767",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:13.093",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -125,6 +125,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4/",
"source": "cve@mitre.org",

8
CVE-2021/CVE-2021-304xx/CVE-2021-30474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-30474",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-06-02T17:15:08.630",
"lastModified": "2021-06-09T18:20:28.703",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:13.203",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,10 @@
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2021/CVE-2021-304xx/CVE-2021-30475.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-30475",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-06-04T14:15:07.540",
"lastModified": "2021-06-17T16:40:07.217",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-06T01:15:13.293",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -125,6 +125,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00003.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZXCI33HXH6YSOGC2LPE2REQLMIDH6US4/",
"source": "cve@mitre.org",

74
CVE-2023/CVE-2023-311xx/CVE-2023-31173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31173",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:09.567",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:16:55.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5037_sel_grid_configurator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0.20",
"matchCriteriaId": "8DE1284E-619F-49AC-AE96-0A4ECD76292B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nozominetworks.com/blog/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Not Applicable"
]
}
]
}

74
CVE-2023/CVE-2023-343xx/CVE-2023-34391.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34391",
"sourceIdentifier": "security@selinc.com",
"published": "2023-08-31T16:15:10.017",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:17:21.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "security@selinc.com",
"type": "Secondary",
@ -46,14 +76,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:selinc:sel-5033_acselerator_real-time_automation_controller:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.35.151.21000",
"matchCriteriaId": "04B9F90F-D14F-4F36-BF6E-A1D3555F1AE6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://dragos.com",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://selinc.com/support/security-notifications/external-reports/",
"source": "security@selinc.com"
"source": "security@selinc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-363xx/CVE-2023-36326.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-36326",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.077",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:04:24.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:relic_project:relic:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022-11-14",
"matchCriteriaId": "D636CA1B-2334-4D2F-92E0-FADDA9CDF77B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/relic-toolkit/relic/commit/34580d840469361ba9b5f001361cad659687b9ab",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

69
CVE-2023/CVE-2023-363xx/CVE-2023-36327.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-36327",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.127",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:05:15.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:relic_project:relic:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022-11-14",
"matchCriteriaId": "D636CA1B-2334-4D2F-92E0-FADDA9CDF77B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

85
CVE-2023/CVE-2023-363xx/CVE-2023-36328.json
View File

@ -2,23 +2,98 @@
"id": "CVE-2023-36328",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.177",
"lastModified": "2023-09-05T03:15:11.540",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:05:29.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libtom:libtommath:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-05-09",
"matchCriteriaId": "0838AE42-FC51-47AA-8752-C22D933B108C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/libtom/libtommath/pull/546",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3H2PFUTBKQUDSOJXQQS7LUSZQWT3JTW2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

66
CVE-2023/CVE-2023-395xx/CVE-2023-39582.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-39582",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.230",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-06T00:05:45.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chamilo:chamilo_lms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.11",
"versionEndIncluding": "1.11.20",
"matchCriteriaId": "9B351FC0-38FB-4498-8454-EF90CC0C24BF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-126-2023-07-18-High-impact-Low-risk-SQL-injection-by-admin-users",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-396xx/CVE-2023-39631.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-39631",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.370",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:06:06.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:langchain:langchain:0.0.245:*:*:*:*:*:*:*",
"matchCriteriaId": "6573CC2E-2720-44F4-B560-17D6A56BDD3F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/langchain-ai/langchain/issues/8363",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/pydata/numexpr/issues/442",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-397xx/CVE-2023-39714.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-39714",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T18:15:07.710",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-06T00:04:08.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:free_and_open_source_inventory_management_system_project:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED4E30A0-0847-427A-9B08-FB699FCC7958"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Arajawat007/141e68161014e832e30d39b1979a8a6c#file-cve-2023-39714",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.sourcecodester.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

65
CVE-2023/CVE-2023-407xx/CVE-2023-40771.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-40771",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.423",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-06T00:14:02.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dataease:dataease:1.18.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D1AE6464-BAA2-474D-AE65-EB1AA6CE2EDC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dataease/dataease/issues/5861",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-409xx/CVE-2023-40968.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-40968",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T16:15:08.473",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-06T00:14:10.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hzeller:timg:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6F3F7A0-FF28-4B32-B4BB-7E95A859A324"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hzeller/timg/issues/115",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-410xx/CVE-2023-41049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41049",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-01T20:15:07.873",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:02:42.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,50 @@
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:decentraland:single_sign_on_client:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "0.1.0",
"matchCriteriaId": "73FD9007-FDA7-4B16-AF46-F8D119264125"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/decentraland/single-sign-on-client/commit/bd20ea9533d0cda30809d929db85b1b76cef855a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/decentraland/single-sign-on-client/security/advisories/GHSA-vp4f-wxgw-7x8x",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-416xx/CVE-2023-41633.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-41633",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-01T19:15:43.003",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:02:58.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:catdoc_project:catdoc:0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "6CE9FF5B-A288-4C98-B162-231FDEDCE4AC"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

133
CVE-2023/CVE-2023-417xx/CVE-2023-41743.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41743",
"sourceIdentifier": "security@acronis.com",
"published": "2023-08-31T16:15:10.270",
"lastModified": "2023-08-31T20:15:08.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:17:30.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,14 +78,107 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c23.02",
"matchCriteriaId": "6F4ABAEF-E87F-40CF-B8DA-5E70F9A480B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8418AF63-E280-4CE2-8E5C-DCD00ABE6557"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:39900:*:*:*:*:*:*:*",
"matchCriteriaId": "E0894339-A1AD-4382-A4B0-C13FEDE1F076"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:40107:*:*:*:*:*:*:*",
"matchCriteriaId": "6DE560C6-2EC0-4C58-AA31-B15512F45877"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:40173:*:*:*:*:*:*:*",
"matchCriteriaId": "E47F65B4-ACD6-4507-9242-35530163A730"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:40208:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9F5E36-F752-4C7C-A678-D5B596A71C67"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/SEC-4858",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://security-advisory.acronis.com/advisories/SEC-5487",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

103
CVE-2023/CVE-2023-417xx/CVE-2023-41744.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41744",
"sourceIdentifier": "security@acronis.com",
"published": "2023-08-31T16:15:10.343",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:17:41.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,75 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c22.10",
"matchCriteriaId": "81FB9AF4-BC2B-46BE-A2B3-083CD57718FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4728",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-44xx/CVE-2023-4485.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-4485",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-09-06T00:15:07.530",
"lastModified": "2023-09-06T00:15:07.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ARDEREG\u00a0?Sistema SCADA Central versions 2.203 and prior\nlogin page are vulnerable to an unauthenticated blind SQL injection attack. An attacker could manipulate the application's SQL query logic to extract sensitive information or perform unauthorized actions within the database. In this case, the vulnerability could allow an attacker to execute arbitrary SQL queries through the login page, potentially leading to unauthorized access, data leakage, or even disruption of critical industrial processes.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-46xx/CVE-2023-4683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4683",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-31T16:15:10.767",
"lastModified": "2023-08-31T17:25:54.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:16:36.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3-dev",
"matchCriteriaId": "F76B0068-AE98-4B7C-885D-B083842F6521"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/112767e8b178fc82dec3cf82a1ca14d802cdb8ec",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/7852e4d2-af4e-4421-a39e-db23e0549922",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-47xx/CVE-2023-4707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4707",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-01T18:15:07.793",
"lastModified": "2023-09-02T15:15:27.653",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-06T00:03:54.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,56 @@
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infosoftbd:clcknshop:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "543FD9CD-F1BB-4CA7-B6AD-CB08A3782895"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174444/Clcknshop-1.0.0-Cross-Site-Scripting.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.238570",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.238570",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-47xx/CVE-2023-4708.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4708",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-01T18:15:07.893",
"lastModified": "2023-09-02T15:15:27.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-06T00:03:18.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infosoftbd:clcknshop:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "543FD9CD-F1BB-4CA7-B6AD-CB08A3782895"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174445/Clcknshop-1.0.0-SQL-Injection.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.238571",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.238571",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-47xx/CVE-2023-4720.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4720",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-01T16:15:08.577",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:14:31.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3-dev",
"matchCriteriaId": "F76B0068-AE98-4B7C-885D-B083842F6521"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-47xx/CVE-2023-4721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4721",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-01T16:15:08.660",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:15:28.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3-dev",
"matchCriteriaId": "F76B0068-AE98-4B7C-885D-B083842F6521"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-47xx/CVE-2023-4722.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4722",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-01T16:15:08.737",
"lastModified": "2023-09-01T21:15:30.513",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-06T00:15:42.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3-dev",
"matchCriteriaId": "F76B0068-AE98-4B7C-885D-B083842F6521"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

57
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-05T23:55:25.334896+00:00
2023-09-06T02:00:25.275361+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-05T23:15:08.177000+00:00
2023-09-06T01:15:13.293000+00:00
```
### Last Data Feed Release
@ -23,44 +23,51 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-09-05T00:00:13.556249+00:00
2023-09-06T00:00:13.580076+00:00
```
### Total Number of included CVEs
```plain
224259
224260
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `1`
* [CVE-2023-30534](CVE-2023/CVE-2023-305xx/CVE-2023-30534.json) (`2023-09-05T22:15:08.240`)
* [CVE-2023-31132](CVE-2023/CVE-2023-311xx/CVE-2023-31132.json) (`2023-09-05T22:15:08.487`)
* [CVE-2023-34637](CVE-2023/CVE-2023-346xx/CVE-2023-34637.json) (`2023-09-05T22:15:08.577`)
* [CVE-2023-39357](CVE-2023/CVE-2023-393xx/CVE-2023-39357.json) (`2023-09-05T22:15:08.637`)
* [CVE-2023-39358](CVE-2023/CVE-2023-393xx/CVE-2023-39358.json) (`2023-09-05T22:15:08.733`)
* [CVE-2023-39362](CVE-2023/CVE-2023-393xx/CVE-2023-39362.json) (`2023-09-05T22:15:08.817`)
* [CVE-2023-39364](CVE-2023/CVE-2023-393xx/CVE-2023-39364.json) (`2023-09-05T22:15:08.910`)
* [CVE-2023-39365](CVE-2023/CVE-2023-393xx/CVE-2023-39365.json) (`2023-09-05T22:15:09.017`)
* [CVE-2023-39516](CVE-2023/CVE-2023-395xx/CVE-2023-39516.json) (`2023-09-05T22:15:09.180`)
* [CVE-2023-41507](CVE-2023/CVE-2023-415xx/CVE-2023-41507.json) (`2023-09-05T22:15:09.337`)
* [CVE-2023-4761](CVE-2023/CVE-2023-47xx/CVE-2023-4761.json) (`2023-09-05T22:15:09.583`)
* [CVE-2023-4762](CVE-2023/CVE-2023-47xx/CVE-2023-4762.json) (`2023-09-05T22:15:09.677`)
* [CVE-2023-4763](CVE-2023/CVE-2023-47xx/CVE-2023-4763.json) (`2023-09-05T22:15:09.777`)
* [CVE-2023-4764](CVE-2023/CVE-2023-47xx/CVE-2023-4764.json) (`2023-09-05T22:15:09.883`)
* [CVE-2023-4487](CVE-2023/CVE-2023-44xx/CVE-2023-4487.json) (`2023-09-05T23:15:08.177`)
* [CVE-2023-4485](CVE-2023/CVE-2023-44xx/CVE-2023-4485.json) (`2023-09-06T00:15:07.530`)
### CVEs modified in the last Commit
Recently modified CVEs: `4`
Recently modified CVEs: `27`
* [CVE-2014-8361](CVE-2014/CVE-2014-83xx/CVE-2014-8361.json) (`2023-09-05T22:15:07.477`)
* [CVE-2023-41638](CVE-2023/CVE-2023-416xx/CVE-2023-41638.json) (`2023-09-05T22:15:09.440`)
* [CVE-2023-3823](CVE-2023/CVE-2023-38xx/CVE-2023-3823.json) (`2023-09-05T23:15:07.383`)
* [CVE-2023-3824](CVE-2023/CVE-2023-38xx/CVE-2023-3824.json) (`2023-09-05T23:15:07.883`)
* [CVE-2020-36133](CVE-2020/CVE-2020-361xx/CVE-2020-36133.json) (`2023-09-06T01:15:12.950`)
* [CVE-2020-36135](CVE-2020/CVE-2020-361xx/CVE-2020-36135.json) (`2023-09-06T01:15:13.023`)
* [CVE-2021-30473](CVE-2021/CVE-2021-304xx/CVE-2021-30473.json) (`2023-09-06T01:15:13.093`)
* [CVE-2021-30474](CVE-2021/CVE-2021-304xx/CVE-2021-30474.json) (`2023-09-06T01:15:13.203`)
* [CVE-2021-30475](CVE-2021/CVE-2021-304xx/CVE-2021-30475.json) (`2023-09-06T01:15:13.293`)
* [CVE-2023-41049](CVE-2023/CVE-2023-410xx/CVE-2023-41049.json) (`2023-09-06T00:02:42.857`)
* [CVE-2023-41633](CVE-2023/CVE-2023-416xx/CVE-2023-41633.json) (`2023-09-06T00:02:58.710`)
* [CVE-2023-4708](CVE-2023/CVE-2023-47xx/CVE-2023-4708.json) (`2023-09-06T00:03:18.140`)
* [CVE-2023-4707](CVE-2023/CVE-2023-47xx/CVE-2023-4707.json) (`2023-09-06T00:03:54.440`)
* [CVE-2023-39714](CVE-2023/CVE-2023-397xx/CVE-2023-39714.json) (`2023-09-06T00:04:08.890`)
* [CVE-2023-36326](CVE-2023/CVE-2023-363xx/CVE-2023-36326.json) (`2023-09-06T00:04:24.377`)
* [CVE-2023-36327](CVE-2023/CVE-2023-363xx/CVE-2023-36327.json) (`2023-09-06T00:05:15.863`)
* [CVE-2023-36328](CVE-2023/CVE-2023-363xx/CVE-2023-36328.json) (`2023-09-06T00:05:29.907`)
* [CVE-2023-39582](CVE-2023/CVE-2023-395xx/CVE-2023-39582.json) (`2023-09-06T00:05:45.737`)
* [CVE-2023-39631](CVE-2023/CVE-2023-396xx/CVE-2023-39631.json) (`2023-09-06T00:06:06.167`)
* [CVE-2023-40771](CVE-2023/CVE-2023-407xx/CVE-2023-40771.json) (`2023-09-06T00:14:02.790`)
* [CVE-2023-40968](CVE-2023/CVE-2023-409xx/CVE-2023-40968.json) (`2023-09-06T00:14:10.897`)
* [CVE-2023-4720](CVE-2023/CVE-2023-47xx/CVE-2023-4720.json) (`2023-09-06T00:14:31.183`)
* [CVE-2023-4721](CVE-2023/CVE-2023-47xx/CVE-2023-4721.json) (`2023-09-06T00:15:28.960`)
* [CVE-2023-4722](CVE-2023/CVE-2023-47xx/CVE-2023-4722.json) (`2023-09-06T00:15:42.687`)
* [CVE-2023-4683](CVE-2023/CVE-2023-46xx/CVE-2023-4683.json) (`2023-09-06T00:16:36.840`)
* [CVE-2023-31173](CVE-2023/CVE-2023-311xx/CVE-2023-31173.json) (`2023-09-06T00:16:55.390`)
* [CVE-2023-34391](CVE-2023/CVE-2023-343xx/CVE-2023-34391.json) (`2023-09-06T00:17:21.697`)
* [CVE-2023-41743](CVE-2023/CVE-2023-417xx/CVE-2023-41743.json) (`2023-09-06T00:17:30.413`)
* [CVE-2023-41744](CVE-2023/CVE-2023-417xx/CVE-2023-41744.json) (`2023-09-06T00:17:41.660`)
## Download and Usage