admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-10T04:00:24.206269+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-10 06:00:27 +02:00
parent 9895277da4
commit 026eab8615
50 changed files with 2257 additions and 174 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
CVE-2017/CVE-2017-111xx/CVE-2017-11197.json
View File

@ -2,23 +2,90 @@
"id": "CVE-2017-11197",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T20:15:09.083",
"lastModified": "2023-05-04T13:03:15.830",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:56:15.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the \"add printer\" option."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyberark:viewfinity:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.1.1.220",
"matchCriteriaId": "8650DB01-D5B4-4243-B537-6100D31BFB7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cyberark:viewfinity:5.5.10.95:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF90CE4-876B-4ACA-96AC-EF5B57931CEC"
}
]
}
]
}
],
"references": [
{
"url": "http://lp.cyberark.com/rs/316-CZP-275/images/ds-Viewfinity-102315-web.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.exploit-db.com/exploits/42319",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2020/CVE-2020-224xx/CVE-2020-22429.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2020-22429",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T20:15:09.780",
"lastModified": "2023-05-04T13:03:12.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:54:49.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "redox-os v0.1.0 was discovered to contain a use-after-free bug via the gethostbyaddr() function at /src/header/netdb/mod.rs."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redox-os:redox:0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E46F89F9-0669-48D0-B3C3-43CA61D8ED49"
}
]
}
]
}
],
"references": [
{
"url": "https://burtonqin.github.io/posts/2023/04/CVE-2020-22429/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitlab.redox-os.org/redox-os/relibc/issues/159",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

4
CVE-2022/CVE-2022-363xx/CVE-2022-36330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-36330",
"sourceIdentifier": "psirt@wdc.com",
"published": "2023-05-10T00:15:09.467",
"lastModified": "2023-05-10T00:15:09.467",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

72
CVE-2022/CVE-2022-391xx/CVE-2022-39161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39161",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-03T20:15:09.957",
"lastModified": "2023-05-04T13:03:12.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:54:37.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,58 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:-:*:*:*:liberty:*:*:*",
"matchCriteriaId": "7E0B3D5C-C912-4874-AD3D-62B6E6EBE742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B0905C80-A1BA-49CD-90CA-9270ECC3940C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07EBB48B-4EE2-4333-851E-BA1B104FBE92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E30E8CE2-9137-4669-AE86-FB8ED0899736"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4F6F77C-2C0D-4A31-B2A0-DB1C4296FF5E"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/235069",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://https://www.ibm.com/support/pages/node/6987779",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
]
}
]
}

47
CVE-2022/CVE-2022-458xx/CVE-2022-45812.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45812",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T13:15:09.443",
"lastModified": "2023-05-08T13:26:36.163",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:25:17.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exxp_project:exxp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.8",
"matchCriteriaId": "A4FEDB61-24C9-40A3-A247-E731123DB689"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/exxp-wp/wordpress-exxp-plugin-2-6-8-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2022/CVE-2022-477xx/CVE-2022-47757.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2022-47757",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T02:15:09.177",
"lastModified": "2023-05-04T13:03:05.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:54:12.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In imo.im 2022.11.1051, a path traversal vulnerability delivered via an unsanitized deeplink can force the application to write a file into the application's data directory. This may allow an attacker to save a shared library under a special directory which the app uses to dynamically load modules. Loading the library can lead to arbitrary code execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imo:imo:2022.11.1051:*:*:*:*:android:*:*",
"matchCriteriaId": "2C261396-DB0A-4FD3-834B-64088A85D609"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Ch0pin/security-advisories/security/advisories/GHSA-ghf9-x3c5-3mwj",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-21xx/CVE-2023-2156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2156",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-09T22:15:10.133",
"lastModified": "2023-05-09T22:15:10.133",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-236xx/CVE-2023-23668.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23668",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T12:15:09.440",
"lastModified": "2023-05-08T12:50:24.320",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:24:50.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.25.2",
"matchCriteriaId": "67CE18F0-E2D8-49F4-89CC-CE3933D10353"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-contributor-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-244xx/CVE-2023-24400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24400",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-07T00:15:09.023",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:24:37.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hu-manity:cookie_notice_\\&_compliance_for_gdpr_\\/_ccpa:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.7",
"matchCriteriaId": "D7E47810-FAFC-4040-9B22-D961082EA1D3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cookie-notice/wordpress-cookie-notice-compliance-for-gdpr-ccpa-plugin-2-4-6-cross-site-scripting-xss-vulnerability",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-247xx/CVE-2023-24744.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-24744",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T20:15:10.230",
"lastModified": "2023-05-04T13:03:12.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:54:26.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Rediker Software AdminPlus 6.1.91.00 allows remote attackers to run arbitrary code via the onload function within the application DOM."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rediker:adminplus:6.1.91.00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF1B694D-E6B8-48F3-8509-8D6400F37606"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HeidiSecurities/CVEs/blob/main/CVE-2023-24744/Rediker%20-%20XSS%20(Reflected%20&%20DOM-based).md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-24xx/CVE-2023-2427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2427",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T19:15:15.687",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:19:43.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.13",
"matchCriteriaId": "C8E79CDF-44C3-4462-BDA6-E23A25A11D0D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpmyfaq/commit/514f4df2ad918e69575028d58b2e33aaf536e59b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/89005a6d-d019-4cb7-ae88-486d2d44190d",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-250xx/CVE-2023-25021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25021",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T12:15:09.527",
"lastModified": "2023-05-08T12:50:24.320",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:25:03.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fareharbor:fareharbor:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.6.7",
"matchCriteriaId": "62BEFB1B-283C-4918-A796-006147F20E4E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/fareharbor/wordpress-fareharbor-for-wordpress-plugin-3-6-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-250xx/CVE-2023-25052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25052",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T13:15:09.537",
"lastModified": "2023-05-08T13:26:36.163",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:26:02.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:te-st:yandex.news_feed_by_teplitsa:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.12.5",
"matchCriteriaId": "B142D69C-015F-49D4-AF6F-7D1D2CF7363C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/yandexnews-feed-by-teplitsa/wordpress-yandex-news-feed-by-teplitsa-plugin-1-12-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-254xx/CVE-2023-25452.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25452",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T13:15:09.593",
"lastModified": "2023-05-08T13:26:36.163",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:26:18.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cms_press_project:cms_press:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.2.3",
"matchCriteriaId": "00CBA8DA-0E7D-4C61-839D-7B0A16222B97"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cms-press/wordpress-cms-press-plugin-0-2-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-254xx/CVE-2023-25491.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25491",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-06T23:15:09.230",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:24:21.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jch_optimize_project:jch_optimize:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.3",
"matchCriteriaId": "44B55451-B623-4BC7-BE3D-507E5049168A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/jch-optimize/wordpress-jch-optimize-plugin-3-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-258xx/CVE-2023-25831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25831",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T21:15:11.513",
"lastModified": "2023-05-09T21:15:11.513",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-258xx/CVE-2023-25832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25832",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T21:15:11.590",
"lastModified": "2023-05-09T21:15:11.590",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-258xx/CVE-2023-25833.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-25833",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-10T02:15:08.933",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may allow a remote, authenticated attacker to create a crafted link which when clicked could render arbitrary HTML in the victim\u2019s browser (no stateful change made or customer data rendered)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095",
"source": "psirt@esri.com"
},
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/",
"source": "psirt@esri.com"
}
]
}

47
CVE-2023/CVE-2023-259xx/CVE-2023-25962.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25962",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-04T13:15:18.060",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:29:05.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oxilab:accordions:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.1",
"matchCriteriaId": "DF316231-A14E-4C30-9D6E-4BB400E69F71"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/accordions-or-faqs/wordpress-accordions-multiple-accordions-or-faqs-builder-plugin-2-3-0-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-25xx/CVE-2023-2516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2516",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T19:15:15.763",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:20:02.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.7",
"matchCriteriaId": "77E017F7-C597-4550-9520-9444D115C381"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nilsteampassnet/teampass/commit/39b774cba118ca5383b0a51a71b1e7dea2761927",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/19470f0b-7094-4339-8d4a-4b5570b54716",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-25xx/CVE-2023-2550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2550",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T20:15:10.557",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:20:24.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1.13",
"matchCriteriaId": "C8E79CDF-44C3-4462-BDA6-E23A25A11D0D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/thorsten/phpmyfaq/commit/20ac51594db11604a4518aacc28a51f67d4f11bf",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/840c8d91-c97e-4116-a9f8-4ab1a38d239b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-25xx/CVE-2023-2551.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2551",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T20:15:10.627",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:21:54.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-829"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bumsys_project:bumsys:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.1",
"matchCriteriaId": "BF1EFA12-BE45-44F6-8183-17C10311974E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/unilogies/bumsys/commit/86e29dd23df348ec6075f0c0de8e06b8d9fb0a9a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/5723613c-55c6-4f18-9ed3-61ad44f5de9c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-25xx/CVE-2023-2552.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2552",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T20:15:10.713",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:22:08.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bumsys_project:bumsys:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.1",
"matchCriteriaId": "BF1EFA12-BE45-44F6-8183-17C10311974E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/unilogies/bumsys/commit/86e29dd23df348ec6075f0c0de8e06b8d9fb0a9a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/ab0b4655-f57a-4113-849b-2237eeb75b32",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-25xx/CVE-2023-2553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2553",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T20:15:10.803",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:23:43.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,7 +58,7 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +66,51 @@
"value": "CWE-79"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bumsys_project:bumsys:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.0",
"matchCriteriaId": "BFF79BFE-5BE2-4217-83F1-5ADC5D475D55"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/unilogies/bumsys/commit/1b426f58a513194206d0ea8ab58baf1461e54978",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/4e1f5b56-e846-40d8-a83c-533efd56aacf",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

46
CVE-2023/CVE-2023-260xx/CVE-2023-26016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26016",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-04T13:15:18.633",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:28:53.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_portfolio_gallery_project:simple_portfolio_gallery:0.1:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4A1C2762-7D57-4A0C-93C5-EA104E92EA15"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-portfolio-gallery/wordpress-simple-portfolio-gallery-plugin-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-265xx/CVE-2023-26517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26517",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-06T07:15:43.443",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:23:55.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plugin-planet:dashboard_widget_suite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.2",
"matchCriteriaId": "6EF0FCE2-F70C-4640-B37E-031861CE487A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dashboard-widgets-suite/wordpress-dashboard-widgets-suite-plugin-3-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-265xx/CVE-2023-26519.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26519",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-06T07:15:43.640",
"lastModified": "2023-05-08T02:37:45.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:24:07.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:publish_to_schedule_project:publish_to_schedule:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5.5",
"matchCriteriaId": "68E95322-801F-4673-B0B0-CE305E1978B9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/publish-to-schedule/wordpress-publish-to-schedule-plugin-4-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-26xx/CVE-2023-2610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2610",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-09T22:15:10.197",
"lastModified": "2023-05-09T22:15:10.197",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-281xx/CVE-2023-28125.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28125",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.720",
"lastModified": "2023-05-09T22:15:09.720",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-281xx/CVE-2023-28126.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28126",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.813",
"lastModified": "2023-05-09T22:15:09.813",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-281xx/CVE-2023-28127.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28127",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.870",
"lastModified": "2023-05-09T22:15:09.870",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-281xx/CVE-2023-28128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28128",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.920",
"lastModified": "2023-05-09T22:15:09.920",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-281xx/CVE-2023-28169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28169",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T13:15:09.650",
"lastModified": "2023-05-08T13:26:36.163",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T02:26:38.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:easy_event_calendar_project:easy_event_calendar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "58315375-C367-447A-B925-4CBDF8825869"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/easy-event-calendar/wordpress-easy-event-calendar-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-283xx/CVE-2023-28316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28316",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:09.980",
"lastModified": "2023-05-09T22:15:09.980",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-283xx/CVE-2023-28317.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28317",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:10.027",
"lastModified": "2023-05-09T22:15:10.027",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-283xx/CVE-2023-28318.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28318",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-05-09T22:15:10.083",
"lastModified": "2023-05-09T22:15:10.083",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

74
CVE-2023/CVE-2023-298xx/CVE-2023-29842.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-29842",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T03:15:09.600",
"lastModified": "2023-05-06T20:15:09.223",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:58:32.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ChurchCRM 4.5.4 endpoint /EditEventTypes.php is vulnerable to Blind SQL Injection (Time-based) via the EN_tyid POST parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:churchcrm:churchcrm:4.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B55D7EE2-CEB8-45EC-A48C-C0A8B90E4E53"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ChurchCRM/CRM",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/arvandy/CVE/blob/main/CVE-2023-29842/CVE-2023-29842.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/arvandy/CVE/blob/main/CVE-2023-29842/CVE-2023-29842.py",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-300xx/CVE-2023-30056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30056",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T21:15:11.673",
"lastModified": "2023-05-09T21:15:11.673",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-300xx/CVE-2023-30057.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30057",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T21:15:11.717",
"lastModified": "2023-05-09T21:15:11.717",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

68
CVE-2023/CVE-2023-300xx/CVE-2023-30077.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-30077",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T03:15:20.930",
"lastModified": "2023-05-04T13:03:05.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:57:51.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Judging Management System v1.0 by oretnom23 was discovered to vulnerable to SQL injection via /php-jms/review_result.php?mainevent_id=, mainevent_id."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:judging_management_system_project:judging_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE693B0-3497-406C-AD53-36AC05735004"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Dzero57/cve_report/blob/main/judging-management-system/SQLi-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.github.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

66
CVE-2023/CVE-2023-301xx/CVE-2023-30184.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-30184",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T17:15:14.047",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:53:22.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typecho:typecho:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.0",
"matchCriteriaId": "6E76E682-FBFE-4F43-85E0-B59B7ACE52BD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/typecho/typecho/issues/1546",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

11
CVE-2023/CVE-2023-302xx/CVE-2023-30267.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30267",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T14:15:09.777",
"lastModified": "2023-05-04T18:43:05.367",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-10T02:15:09.027",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -66,11 +66,8 @@
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/CLTPHP6.0%20Reflected%20cross-site%20scripting(XSS).md",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
"url": "https://gist.github.com/HuBenLab/e26ee91c43d4409437df350398ec6cf6",
"source": "cve@mitre.org"
}
]
}

65
CVE-2023/CVE-2023-303xx/CVE-2023-30300.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-30300",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T20:15:10.327",
"lastModified": "2023-05-04T13:03:12.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:54:22.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the component hang.wasm of WebAssembly 1.0 causes an infinite loop."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w3:webassembly:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84AAF761-2870-48C9-9FB8-34701902B4ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/WebAssembly/wabt/issues/2180",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-303xx/CVE-2023-30331.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-30331",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T03:15:21.267",
"lastModified": "2023-05-04T13:03:05.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:53:34.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the render function of beetl v3.15.0 allows attackers to execute server-side template injection (SSTI) via a crafted payload."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beetl_project:beetl:3.15:0:*:*:*:*:*:*",
"matchCriteriaId": "A440D0FB-E363-494B-AA91-FCB1AEA631D6"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/xiandafu/beetl/issues/I6RUIP",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/luelueking/Beetl-3.15.0-vuln-poc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-308xx/CVE-2023-30861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30861",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-02T18:15:52.373",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:55:54.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,26 +66,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palletsprojects:flask:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.5",
"matchCriteriaId": "D663DAAF-D84C-4510-98CE-D24A4034CF18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palletsprojects:flask:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "2.3.2",
"matchCriteriaId": "6DE28F1D-750A-445D-8706-17E6F1E20F64"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pallets/flask/commit/70f906c51ce49c485f1d355703e9cc3386b1cc2b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pallets/flask/releases/tag/2.2.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/pallets/flask/releases/tag/2.3.2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

409
CVE-2023/CVE-2023-310xx/CVE-2023-31099.json
View File

@ -2,23 +2,422 @@
"id": "CVE-2023-31099",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T02:15:19.437",
"lastModified": "2023-05-04T13:03:05.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:53:41.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe servers."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.6",
"matchCriteriaId": "30BF0F86-635A-4637-A5F9-9FA122845610"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126000:*:*:*:*:*:*",
"matchCriteriaId": "48C09D5D-BC77-42DC-9A72-00A71F8C1A21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126001:*:*:*:*:*:*",
"matchCriteriaId": "14269E88-7186-4F2C-B770-964D0AD7D414"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126002:*:*:*:*:*:*",
"matchCriteriaId": "31498701-6732-40E4-8F3D-55EE8A77D61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126004:*:*:*:*:*:*",
"matchCriteriaId": "B740E757-147B-4DEB-89C5-59EB9FFBD6BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126005:*:*:*:*:*:*",
"matchCriteriaId": "BE1CA16B-558F-426A-B87B-23D47681F1AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126100:*:*:*:*:*:*",
"matchCriteriaId": "C46D091F-095F-4F1D-8D16-1021E15BC963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126101:*:*:*:*:*:*",
"matchCriteriaId": "2AE780F5-EF56-45F3-A5E7-805A24C04A97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126102:*:*:*:*:*:*",
"matchCriteriaId": "212A00BA-ED01-45F3-9E9C-9E6B75B82CDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126103:*:*:*:*:*:*",
"matchCriteriaId": "CBFA159F-0293-4E44-BB20-173021991107"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126104:*:*:*:*:*:*",
"matchCriteriaId": "356504E5-BE0A-4F54-8713-AC9EA29D189C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126107:*:*:*:*:*:*",
"matchCriteriaId": "DBDA89CD-3D30-488F-9EE6-92E84507B95D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126108:*:*:*:*:*:*",
"matchCriteriaId": "A535E330-A6ED-4E51-A3C0-5A6D04B024C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126109:*:*:*:*:*:*",
"matchCriteriaId": "A231F874-62DD-4BAC-B115-CD6D61F23873"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126110:*:*:*:*:*:*",
"matchCriteriaId": "2E6C0DE1-8B37-496C-90AF-38C0B189150E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126113:*:*:*:*:*:*",
"matchCriteriaId": "27D49B1C-1140-4CA7-B10A-9B59ACE69208"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126114:*:*:*:*:*:*",
"matchCriteriaId": "1979F66B-749E-41F8-9CBD-E4AD4483B500"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126115:*:*:*:*:*:*",
"matchCriteriaId": "BC5A1967-8D4F-4090-A2BA-5FFCEAA2EFFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126116:*:*:*:*:*:*",
"matchCriteriaId": "50D85F0C-201C-44D3-92C7-261095B4B03E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126117:*:*:*:*:*:*",
"matchCriteriaId": "36B6C5A9-FC13-4AB0-BE8B-9DFA8FDB0C57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126118:*:*:*:*:*:*",
"matchCriteriaId": "B621572C-448C-43C4-AF8E-EEBCFADF3630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126119:*:*:*:*:*:*",
"matchCriteriaId": "AAAF3692-3979-494B-831A-D8BFE127A6C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126120:*:*:*:*:*:*",
"matchCriteriaId": "EE7B18B3-87AD-4960-8FBE-D90BE5FF6776"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126121:*:*:*:*:*:*",
"matchCriteriaId": "79F88190-237F-4D39-B70E-FC0CBCE65DE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126122:*:*:*:*:*:*",
"matchCriteriaId": "3C6640CC-4BF7-4D7E-A128-0F36CC0DD3DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126130:*:*:*:*:*:*",
"matchCriteriaId": "CA2D7B9C-AE06-4A1C-8C88-FDAD9AADF73B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126131:*:*:*:*:*:*",
"matchCriteriaId": "014DEAE0-EB0F-43BB-A922-5ED346E774A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126132:*:*:*:*:*:*",
"matchCriteriaId": "3D63BDBE-E10F-4E57-8F26-C6D31A6CAB4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126134:*:*:*:*:*:*",
"matchCriteriaId": "614916D2-74A2-45F5-BF8D-E0FD8F0000B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126135:*:*:*:*:*:*",
"matchCriteriaId": "B0C9C18E-C143-46AF-8126-FB0A71E4E4CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126136:*:*:*:*:*:*",
"matchCriteriaId": "5B93668B-4988-424B-BB81-6A18355F8624"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126139:*:*:*:*:*:*",
"matchCriteriaId": "56EB1279-627C-43E1-80D7-A09BF047757E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126141:*:*:*:*:*:*",
"matchCriteriaId": "F06D655C-29AC-4FDB-B22F-148743C469F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126147:*:*:*:*:*:*",
"matchCriteriaId": "D2790B5B-F0F4-4B3B-8747-34685D988024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126148:*:*:*:*:*:*",
"matchCriteriaId": "BD572C9F-3B99-4A1D-AC18-AF7163F06FA2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126149:*:*:*:*:*:*",
"matchCriteriaId": "AA0872FB-4491-45BA-9429-BEBDB7AA4B49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126150:*:*:*:*:*:*",
"matchCriteriaId": "1940E42F-0F5D-4262-888F-FD23830E73ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126151:*:*:*:*:*:*",
"matchCriteriaId": "F3251E9C-8E78-464F-991C-3966B3E2E36D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126154:*:*:*:*:*:*",
"matchCriteriaId": "6428F23E-AFC0-47F8-9059-655D2FF5AF11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126155:*:*:*:*:*:*",
"matchCriteriaId": "33577344-B3FC-4E14-8C76-C5A542FF5598"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126162:*:*:*:*:*:*",
"matchCriteriaId": "5BECCAD7-9F39-4849-8327-96BA17414418"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126163:*:*:*:*:*:*",
"matchCriteriaId": "3B4472BF-9646-4575-A440-8A11B7C5C090"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126164:*:*:*:*:*:*",
"matchCriteriaId": "89A06D36-31CE-43DD-9E55-EFC78FA1D252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126165:*:*:*:*:*:*",
"matchCriteriaId": "17154C40-0DBC-405F-B68E-76672F28A700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126166:*:*:*:*:*:*",
"matchCriteriaId": "FAC1EB6D-CEA0-4B98-B988-448FB844B488"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126167:*:*:*:*:*:*",
"matchCriteriaId": "7ECC8CA3-28B8-48BC-944E-0F9503382C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126168:*:*:*:*:*:*",
"matchCriteriaId": "4F2863D4-D448-4843-9B99-1442A0A3C2FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126169:*:*:*:*:*:*",
"matchCriteriaId": "5006325E-308B-4E08-95F5-15B9412A2BF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126262:*:*:*:*:*:*",
"matchCriteriaId": "99CA6453-8D99-41A8-AF04-6FB2FCA0A4AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126264:*:*:*:*:*:*",
"matchCriteriaId": "435229C9-FC8B-4C93-ABFE-C98518B60FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126275:*:*:*:*:*:*",
"matchCriteriaId": "1DD61A2F-88D7-45A0-9319-47192344EA36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126276:*:*:*:*:*:*",
"matchCriteriaId": "DC4B331D-1FCA-4BD2-A630-6FBCC48B3599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126277:*:*:*:*:*:*",
"matchCriteriaId": "28B7BD39-A958-4C25-BECB-BEB94A83F553"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126278:*:*:*:*:*:*",
"matchCriteriaId": "DE818DF8-FA7E-4B61-85A1-6D06CF1C2382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126279:*:*:*:*:*:*",
"matchCriteriaId": "FF4B34EF-B68F-4EAB-8CB3-90E83AA1CAE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126280:*:*:*:*:*:*",
"matchCriteriaId": "CA19FF74-8725-4144-8AC9-07C770CE1ECE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126283:*:*:*:*:*:*",
"matchCriteriaId": "C22463C3-B9BA-4A21-BB66-23903AFDB56E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126284:*:*:*:*:*:*",
"matchCriteriaId": "D4D9EA3A-5FC5-43E6-8B29-2B62549617D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126285:*:*:*:*:*:*",
"matchCriteriaId": "2D5A86EC-53FD-4F85-BAB8-3F89880AD59E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126290:*:*:*:*:*:*",
"matchCriteriaId": "0420517B-9660-458B-83A6-F08889A07F4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126293:*:*:*:*:*:*",
"matchCriteriaId": "93E003DB-D44B-4278-931D-A0321DABE732"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126294:*:*:*:*:*:*",
"matchCriteriaId": "6051DD96-3EB1-4C54-94B4-7D6D19DDFC21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126295:*:*:*:*:*:*",
"matchCriteriaId": "F08902C5-6C2F-4791-BBB7-57BE3C6704B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126306:*:*:*:*:*:*",
"matchCriteriaId": "DED80530-0627-487E-96C5-A6BE3EDFB925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126308:*:*:*:*:*:*",
"matchCriteriaId": "1E6CB40F-CA89-4C99-8E14-0209F5F889EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126310:*:*:*:*:*:*",
"matchCriteriaId": "7FDF215D-73B3-41E9-86FB-01B3A6EA1AEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126311:*:*:*:*:*:*",
"matchCriteriaId": "DEB0DC3F-E57F-4E69-AA89-B8502C010404"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126322:*:*:*:*:*:*",
"matchCriteriaId": "1D34DF7D-F85F-4209-92ED-9E165E9C37F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_opmanager:12.6:build126323:*:*:*:*:*:*",
"matchCriteriaId": "3FBF6438-3A78-4527-9CE2-BAB5F91FF3FF"
}
]
}
]
}
],
"references": [
{
"url": "https://manageengine.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.manageengine.com/network-monitoring/security-updates/cve-2023-31099.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-314xx/CVE-2023-31434.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-31434",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:11.133",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:55:17.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:evasys:evasys:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "121D8E08-632A-4DC6-A0BF-42FFA07BDFA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:evasys:evasys:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "29035721-2E02-440C-A59D-C19748D922D2"
}
]
}
]
}
],
"references": [
{
"url": "https://cves.at/posts/cve-2023-31434/writeup/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-314xx/CVE-2023-31435.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-31435",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:11.187",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T03:55:11.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:evasys:evasys:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "121D8E08-632A-4DC6-A0BF-42FFA07BDFA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:evasys:evasys:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "29035721-2E02-440C-A59D-C19748D922D2"
}
]
}
]
}
],
"references": [
{
"url": "https://cves.at/posts/cve-2023-31435/writeup/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-314xx/CVE-2023-31478.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31478",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T23:15:09.940",
"lastModified": "2023-05-09T23:15:09.940",
"vulnStatus": "Received",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

61
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-10T02:00:23.686891+00:00
2023-05-10T04:00:24.206269+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-10T01:15:09.083000+00:00
2023-05-10T03:58:32.817000+00:00
```
### Last Data Feed Release
@ -29,23 +29,68 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214661
214662
```
### CVEs added in the last Commit
Recently added CVEs: `1`
* [CVE-2022-36330](CVE-2022/CVE-2022-363xx/CVE-2022-36330.json) (`2023-05-10T00:15:09.467`)
* [CVE-2023-25833](CVE-2023/CVE-2023-258xx/CVE-2023-25833.json) (`2023-05-10T02:15:08.933`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `48`
* [CVE-2022-48337](CVE-2022/CVE-2022-483xx/CVE-2022-48337.json) (`2023-05-10T01:15:08.917`)
* [CVE-2022-48339](CVE-2022/CVE-2022-483xx/CVE-2022-48339.json) (`2023-05-10T01:15:09.007`)
* [CVE-2023-28617](CVE-2023/CVE-2023-286xx/CVE-2023-28617.json) (`2023-05-10T01:15:09.083`)
* [CVE-2017-11197](CVE-2017/CVE-2017-111xx/CVE-2017-11197.json) (`2023-05-10T03:56:15.183`)
* [CVE-2020-22429](CVE-2020/CVE-2020-224xx/CVE-2020-22429.json) (`2023-05-10T03:54:49.863`)
* [CVE-2022-36330](CVE-2022/CVE-2022-363xx/CVE-2022-36330.json) (`2023-05-10T02:29:55.237`)
* [CVE-2022-39161](CVE-2022/CVE-2022-391xx/CVE-2022-39161.json) (`2023-05-10T03:54:37.507`)
* [CVE-2022-45812](CVE-2022/CVE-2022-458xx/CVE-2022-45812.json) (`2023-05-10T02:25:17.547`)
* [CVE-2022-47757](CVE-2022/CVE-2022-477xx/CVE-2022-47757.json) (`2023-05-10T03:54:12.323`)
* [CVE-2023-2156](CVE-2023/CVE-2023-21xx/CVE-2023-2156.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-23668](CVE-2023/CVE-2023-236xx/CVE-2023-23668.json) (`2023-05-10T02:24:50.837`)
* [CVE-2023-2427](CVE-2023/CVE-2023-24xx/CVE-2023-2427.json) (`2023-05-10T02:19:43.877`)
* [CVE-2023-24400](CVE-2023/CVE-2023-244xx/CVE-2023-24400.json) (`2023-05-10T02:24:37.880`)
* [CVE-2023-24744](CVE-2023/CVE-2023-247xx/CVE-2023-24744.json) (`2023-05-10T03:54:26.793`)
* [CVE-2023-25021](CVE-2023/CVE-2023-250xx/CVE-2023-25021.json) (`2023-05-10T02:25:03.560`)
* [CVE-2023-25052](CVE-2023/CVE-2023-250xx/CVE-2023-25052.json) (`2023-05-10T02:26:02.593`)
* [CVE-2023-2516](CVE-2023/CVE-2023-25xx/CVE-2023-2516.json) (`2023-05-10T02:20:02.473`)
* [CVE-2023-25452](CVE-2023/CVE-2023-254xx/CVE-2023-25452.json) (`2023-05-10T02:26:18.077`)
* [CVE-2023-25491](CVE-2023/CVE-2023-254xx/CVE-2023-25491.json) (`2023-05-10T02:24:21.523`)
* [CVE-2023-2550](CVE-2023/CVE-2023-25xx/CVE-2023-2550.json) (`2023-05-10T02:20:24.467`)
* [CVE-2023-2551](CVE-2023/CVE-2023-25xx/CVE-2023-2551.json) (`2023-05-10T02:21:54.973`)
* [CVE-2023-2552](CVE-2023/CVE-2023-25xx/CVE-2023-2552.json) (`2023-05-10T02:22:08.797`)
* [CVE-2023-2553](CVE-2023/CVE-2023-25xx/CVE-2023-2553.json) (`2023-05-10T02:23:43.497`)
* [CVE-2023-25831](CVE-2023/CVE-2023-258xx/CVE-2023-25831.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-25832](CVE-2023/CVE-2023-258xx/CVE-2023-25832.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-25962](CVE-2023/CVE-2023-259xx/CVE-2023-25962.json) (`2023-05-10T02:29:05.977`)
* [CVE-2023-26016](CVE-2023/CVE-2023-260xx/CVE-2023-26016.json) (`2023-05-10T02:28:53.703`)
* [CVE-2023-2610](CVE-2023/CVE-2023-26xx/CVE-2023-2610.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-26517](CVE-2023/CVE-2023-265xx/CVE-2023-26517.json) (`2023-05-10T02:23:55.010`)
* [CVE-2023-26519](CVE-2023/CVE-2023-265xx/CVE-2023-26519.json) (`2023-05-10T02:24:07.383`)
* [CVE-2023-28125](CVE-2023/CVE-2023-281xx/CVE-2023-28125.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-28126](CVE-2023/CVE-2023-281xx/CVE-2023-28126.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-28127](CVE-2023/CVE-2023-281xx/CVE-2023-28127.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-28128](CVE-2023/CVE-2023-281xx/CVE-2023-28128.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-28169](CVE-2023/CVE-2023-281xx/CVE-2023-28169.json) (`2023-05-10T02:26:38.837`)
* [CVE-2023-28316](CVE-2023/CVE-2023-283xx/CVE-2023-28316.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-28317](CVE-2023/CVE-2023-283xx/CVE-2023-28317.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-28318](CVE-2023/CVE-2023-283xx/CVE-2023-28318.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-29842](CVE-2023/CVE-2023-298xx/CVE-2023-29842.json) (`2023-05-10T03:58:32.817`)
* [CVE-2023-30056](CVE-2023/CVE-2023-300xx/CVE-2023-30056.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-30057](CVE-2023/CVE-2023-300xx/CVE-2023-30057.json) (`2023-05-10T02:29:55.237`)
* [CVE-2023-30077](CVE-2023/CVE-2023-300xx/CVE-2023-30077.json) (`2023-05-10T03:57:51.020`)
* [CVE-2023-30184](CVE-2023/CVE-2023-301xx/CVE-2023-30184.json) (`2023-05-10T03:53:22.570`)
* [CVE-2023-30267](CVE-2023/CVE-2023-302xx/CVE-2023-30267.json) (`2023-05-10T02:15:09.027`)
* [CVE-2023-30300](CVE-2023/CVE-2023-303xx/CVE-2023-30300.json) (`2023-05-10T03:54:22.137`)
* [CVE-2023-30331](CVE-2023/CVE-2023-303xx/CVE-2023-30331.json) (`2023-05-10T03:53:34.137`)
* [CVE-2023-30861](CVE-2023/CVE-2023-308xx/CVE-2023-30861.json) (`2023-05-10T03:55:54.567`)
* [CVE-2023-31099](CVE-2023/CVE-2023-310xx/CVE-2023-31099.json) (`2023-05-10T03:53:41.293`)
* [CVE-2023-31434](CVE-2023/CVE-2023-314xx/CVE-2023-31434.json) (`2023-05-10T03:55:17.283`)
* [CVE-2023-31435](CVE-2023/CVE-2023-314xx/CVE-2023-31435.json) (`2023-05-10T03:55:11.183`)
* [CVE-2023-31478](CVE-2023/CVE-2023-314xx/CVE-2023-31478.json) (`2023-05-10T02:29:55.237`)
## Download and Usage