Auto-Update: 2023-05-26T14:00:26.125285+00:00

cad-safe-bot 2023-05-26 14:00:29 +00:00
parent 62e13e1495
commit 02c71a6a33
43 changed files with 1351 additions and 100 deletions

@ -2,19 +2,74 @@
"id": "CVE-2022-42336",
"sourceIdentifier": "security@xen.org",
"published": "2023-05-17T01:15:09.480",
"lastModified": "2023-05-17T12:46:46.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:08:00.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Mishandling of guest SSBD selection on AMD hardware The current logic to set SSBD on AMD Family 17h and Hygon Family 18h processors requires that the setting of SSBD is coordinated at a core level, as the setting is shared between threads. Logic was introduced to keep track of how many threads require SSBD active in order to coordinate it, such logic relies on using a per-core counter of threads that have SSBD active. When running on the mentioned hardware, it's possible for a guest to under or overflow the thread counter, because each write to VIRT_SPEC_CTRL.SSBD by the guest gets propagated to the helper that does the per-core active accounting. Underflowing the counter causes the value to get saturated, and thus attempts for guests running on the same core to set SSBD won't have effect because the hypervisor assumes it's already active."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:xen:xen:4.17:*:*:*:*:*:x86:*",
"matchCriteriaId": "D4D2B491-982D-48C3-B096-AD0B576775AB"
}
]
}
]
}
],
"references": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-431.txt",
"source": "security@xen.org"
"source": "security@xen.org",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -2,12 +2,12 @@
"id": "CVE-2022-45375",
"sourceIdentifier": "audit@patchstack.com",
"published": "2022-11-17T23:15:24.937",
"lastModified": "2022-11-18T19:35:47.507",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-26T12:15:09.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Auth. Stored Cross-Site Scripting (XSS) vulnerability in iFeature Slider plugin <= 1.2 on WordPress."
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in iFeature Slider plugin <= 1.2 on WordPress.\n\n"
}
],
"metrics": {
@ -56,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
@ -66,7 +66,7 @@
]
},
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{

@ -2,8 +2,8 @@
"id": "CVE-2022-45376",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-22T10:15:11.587",
"lastModified": "2023-05-22T10:56:50.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:59:21.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xootix:side_cart_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1",
"matchCriteriaId": "825513EB-26A9-4014-8B3E-F795CF67A49A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/side-cart-woocommerce/wordpress-side-cart-woocommerce-ajax-plugin-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}
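Review bot: The added `cpeMatch` entry for `side_cart_woocommerce` uses `"versionEndExcluding": "2.1"`, while the Patchstack reference URL in the same record names plugin version 2-1 in its slug, so version 2.1 itself may fall outside the match range. The description line sits outside the visible hunks, so the affected range should be confirmed against the advisory. If 2.1 is affected, the bound would be `"versionEndIncluding": "2.1"`, the form the CVE-2022-47183 section uses for 0.2.6. Until that is confirmed, CPE-based matching on this record can miss hosts running 2.1.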

@ -2,8 +2,8 @@
"id": "CVE-2022-47183",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-22T10:15:12.310",
"lastModified": "2023-05-22T10:56:50.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:56:53.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylist_project:stylist:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.2.6",
"matchCriteriaId": "31AF83D4-C1C5-4E6D-8F2F-C124953A9DEA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stylist/wordpress-extra-block-design-style-css-for-any-gutenberg-blocks-plugin-0-2-6-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-0863",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2023-05-17T08:15:08.510",
"lastModified": "2023-05-17T12:46:46.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T12:54:07.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
@ -46,10 +76,247 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ul40_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.5.6",
"matchCriteriaId": "B685842D-EA64-4A3F-ABF9-F0F1B8F852B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ul40:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC60C7F-468E-491F-9B1F-7F49713E6715"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_80a_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.5.6",
"matchCriteriaId": "FD4A0D52-102B-4B87-B62F-E6CF400595FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_80a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A13EE7D-F159-4F32-8ECE-16452ABB84D1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ul32a_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "12ABA7C2-C7B9-4A57-8DD0-8C31E01AAFFB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ul32a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87F2647E-594F-4AFE-9F1C-26A64C06BBB7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_jp_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "C177EB89-AECB-43B4-86C4-395C6E09C2FD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_jp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11149871-3406-4120-B1AF-A507D72E3E98"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_mid_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "63F1B597-42D0-4EDF-883B-B91349991A69"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_mid:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1437728-6D9B-4740-B904-BF4B41CD54DB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_juno_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.6.6",
"matchCriteriaId": "A1D1F228-AC66-42A7-88EB-86F7F1C6098B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_juno:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C762F36F-D705-49F7-B8FC-8801F03B6048"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_ptb_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.5.26",
"matchCriteriaId": "DAC89B65-BFE1-4BA9-87F4-D2BA0851012E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_ptb:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF28AFF4-3A99-4523-9DBF-4D7D4401C689"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:abb:terra_ac_wallbox_ce_symbiosis_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.2.8",
"matchCriteriaId": "A6C630D7-5EE5-4E29-863C-72130F562ABB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:abb:terra_ac_wallbox_ce_symbiosis:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40F3A4FB-7933-497B-B85D-73724A9ED60A"
}
]
}
]
}
],
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A1415&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@ch.abb.com"
"source": "cybersecurity@ch.abb.com",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-0950",
"sourceIdentifier": "security@documentfoundation.org",
"published": "2023-05-25T20:15:09.207",
"lastModified": "2023-05-25T20:15:09.207",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22693",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T13:15:09.483",
"lastModified": "2023-05-26T13:51:08.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in conlabzgmbh WP Google Tag Manager plugin <=\u00a01.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-google-tag-manager/wordpress-wp-google-tag-manager-plugin-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}
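Review bot: CPE-based matching will return nothing for CVE-2023-22693 as added here, because the record has no `configurations` array and its only score is the CNA's `Secondary` `cvssMetricV31` entry while `vulnStatus` is `Awaiting Analysis`. The affected range exists only as free text in `descriptions` (the `<= 1.1` wording), so consumers that need coverage before NVD analysis have to match on the description or the Patchstack reference instead. The same gap applies to the other records added whole in this commit: CVE-2023-23714, CVE-2023-24007, CVE-2023-24008, CVE-2023-25038, CVE-2023-25781, CVE-2023-25971 and CVE-2023-25976.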

@ -2,8 +2,8 @@
"id": "CVE-2023-2255",
"sourceIdentifier": "security@documentfoundation.org",
"published": "2023-05-25T20:15:09.350",
"lastModified": "2023-05-25T20:15:09.350",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23714",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T12:15:13.840",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash plugin <=\u00a03.6.4.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/uncanny-learndash-toolkit/wordpress-uncanny-toolkit-for-learndash-plugin-3-6-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -2,27 +2,108 @@
"id": "CVE-2023-2319",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T23:15:09.313",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:33:38.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:clusterlabs:pcs:0.11.4-6.el9:*:*:*:*:*:*:*",
"matchCriteriaId": "0ABBFA45-72D7-461C-8DC7-CD36335472C0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_high_availability:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1932BB0-54B5-4024-9856-3254B2B89DCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_high_availability_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7942663B-AF75-4B5A-9BFA-5C81D703FCCB"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2652",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2319",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2190092",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}
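Review bot: The added `cpeMatch` list marks `enterprise_linux_high_availability:9.0` as vulnerable, which does not line up with the description in the same record: it ties the regression to the RHBA-2023:2151 update shipped with Red Hat Enterprise Linux 9.2 and says 9.1 already carried the fix via RHSA-2023:1591. Alerting driven by this CPE may therefore flag 9.0 High Availability hosts that the description does not cover, so matches should be checked against the Red Hat references in this record before they are acted on. The new `Primary` score of 9.8 is also paired with `NVD-CWE-noinfo`, so the weakness field gives no basis for triage here.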

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24007",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T12:15:15.070",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in TheOnlineHero - Tom Skroza Admin Block Country plugin <=\u00a07.1.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/admin-block-country/wordpress-admin-block-country-plugin-7-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24008",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T13:15:11.527",
"lastModified": "2023-05-26T13:51:08.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in yonifre Maspik \u2013 Spam Blacklist plugin <=\u00a00.7.8 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contact-forms-anti-spam/wordpress-maspik-spam-blacklist-plugin-0-7-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25038",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T13:15:11.830",
"lastModified": "2023-05-26T13:51:08.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <=\u00a00.58 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/for-the-visually-impaired/wordpress-for-the-visually-impaired-plugin-0-58-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-25439",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T20:15:09.280",
"lastModified": "2023-05-25T20:15:09.280",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25781",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T12:15:15.637",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sebastian Krysmanski Upload File Type Settings plugin\u00a0<= 1.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/upload-file-type-settings-plugin/wordpress-upload-file-type-settings-plugin-plugin-1-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25971",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T12:15:16.273",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in FixBD Educare plugin <=\u00a01.4.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/educare/wordpress-educare-students-result-management-system-plugin-1-4-1-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25976",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-26T12:15:16.630",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <=\u00a01.2.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cf7-zoho/wordpress-integration-for-contact-form-7-and-zoho-crm-bigin-plugin-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-2509",
"sourceIdentifier": "security@asustor.com",
"published": "2023-05-17T07:15:08.567",
"lastModified": "2023-05-18T02:15:12.117",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:34:06.400",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -46,10 +76,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:adm:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E263E01C-BF3F-4107-989E-8EE195511DF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:adm:4.0.6:reg2:*:*:*:*:*:*",
"matchCriteriaId": "CD67EA77-03E9-435C-B1AF-C6EEEB69E55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:adm:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0284FF36-321E-471E-A1E9-58A36E7A8039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:adm:4.1.0:rlq1:*:*:*:*:*:*",
"matchCriteriaId": "C6FBB975-F3A3-41C6-822A-AF32997422F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:adm:4.2.1:-:*:*:*:*:*:*",
"matchCriteriaId": "4E95A07A-CA6B-4E79-BF1A-F1A3A97D1C9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:adm:4.2.1:rge2:*:*:*:*:*:*",
"matchCriteriaId": "62B4CDB5-AF06-40D1-A243-7577BAF3D001"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:looksgood:2.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "B03279A2-073F-463B-86FA-2BC862F94227"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:looksgood:2.0.0:r129:*:*:*:*:*:*",
"matchCriteriaId": "D64E2127-EB5B-450A-A4A0-0967CAC153C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:soundsgood:2.3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "6311BD0B-3160-4C44-A837-414885F6EABF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asustor:soundsgood:2.3.0:r1027:*:*:*:*:*:*",
"matchCriteriaId": "B0CE69E6-949C-4A8D-B54C-03398447D012"
}
]
}
]
}
],
"references": [
{
"url": "https://www.asustor.com/security/security_advisory_detail?id=22",
"source": "security@asustor.com"
"source": "security@asustor.com",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-26215",
"sourceIdentifier": "security@tibco.com",
"published": "2023-05-25T19:15:14.067",
"lastModified": "2023-05-25T19:15:14.067",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-26216",
"sourceIdentifier": "security@tibco.com",
"published": "2023-05-25T19:15:14.157",
"lastModified": "2023-05-25T19:15:14.157",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-28382",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-05-26T09:15:38.593",
"lastModified": "2023-05-26T09:15:38.593",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-2804",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-25T22:15:09.443",
"lastModified": "2023-05-25T22:15:09.443",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-2832",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-22T11:15:09.493",
"lastModified": "2023-05-22T13:21:34.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:54:43.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bumsys_project:bumsys:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.0",
"matchCriteriaId": "BFF79BFE-5BE2-4217-83F1-5ADC5D475D55"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/unilogies/bumsys/commit/1b426f58a513194206d0ea8ab58baf1461e54978",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/37b80402-0edf-4f26-a668-b6f8b48dcdfb",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-2900",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-25T21:15:09.157",
"lastModified": "2023-05-25T21:15:09.157",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-2901",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-25T22:15:09.517",
"lastModified": "2023-05-25T22:15:09.517",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-2902",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-25T22:15:09.600",
"lastModified": "2023-05-25T22:15:09.600",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-2903",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-25T23:15:09.293",
"lastModified": "2023-05-25T23:15:09.293",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30615",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T18:15:10.150",
"lastModified": "2023-05-25T18:15:10.150",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30851",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T18:15:10.240",
"lastModified": "2023-05-25T18:15:10.240",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-31124",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T22:15:09.680",
"lastModified": "2023-05-26T05:15:27.800",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-31130",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T22:15:09.760",
"lastModified": "2023-05-26T05:15:28.457",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-31147",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T22:15:09.833",
"lastModified": "2023-05-26T05:15:28.677",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-32067",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T23:15:09.380",
"lastModified": "2023-05-26T05:15:28.837",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-32074",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T23:15:09.447",
"lastModified": "2023-05-25T23:15:09.447",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-32322",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-18T17:15:09.003",
"lastModified": "2023-05-18T18:04:44.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:51:42.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,28 +64,73 @@
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ombi:ombi:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.38.2",
"matchCriteriaId": "6D5D19E8-9FC0-4510-AF83-E15914C70F84"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.ombi.app/guides/installation/#windows",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Ombi-app/Ombi/blob/v4.36.1/src/Ombi/Controllers/V2/SystemController.cs#L46",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Ombi-app/Ombi/blob/v4.36.1/src/Ombi/Controllers/V2/SystemController.cs#L58",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Ombi-app/Ombi/commit/b8a8f029d80454d582bc4a2a05175106809335d0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Ombi-app/Ombi/security/advisories/GHSA-28j3-84m7-gpjp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-33263",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T20:15:09.447",
"lastModified": "2023-05-25T20:15:09.447",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-33278",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T20:15:09.500",
"lastModified": "2023-05-25T20:15:09.500",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-33279",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T20:15:09.570",
"lastModified": "2023-05-25T20:15:09.570",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-33280",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T20:15:09.633",
"lastModified": "2023-05-25T20:15:09.633",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:43:57.397",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,27 +2,103 @@
"id": "CVE-2023-33281",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-22T02:15:11.837",
"lastModified": "2023-05-22T10:56:56.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-26T13:45:29.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The remote keyfob system on Nissan Sylphy Classic 2021 sends the same RF signal for each door-open request, which allows for a replay attack."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nissan:sylphy_classic_2021_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70D7D71C-E21C-4337-8D3E-0F8EAFC03916"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nissan:sylphy_classic_2021:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8210640F-F3E2-4572-8A33-496A3CD8314D"
}
]
}
]
}
],
"references": [
{
"url": "https://chaos-lab.blogspot.com/2023/05/nissan-sylphy-classic-2021-fixed-code.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://twitter.com/Kevin2600/status/1658059570806415365",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=GG1utSdYG1k",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-33750",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T17:15:12.110",
"lastModified": "2023-05-25T17:15:12.110",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-33751",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T17:15:12.263",
"lastModified": "2023-05-25T17:15:12.263",
"vulnStatus": "Received",
"lastModified": "2023-05-26T12:44:04.697",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-26T10:00:27.740137+00:00
2023-05-26T14:00:26.125285+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-26T09:15:38.593000+00:00
2023-05-26T13:59:21.923000+00:00
```
### Last Data Feed Release
@ -29,20 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216054
216062
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `8`
* [CVE-2023-28382](CVE-2023/CVE-2023-283xx/CVE-2023-28382.json) (`2023-05-26T09:15:38.593`)
* [CVE-2023-23714](CVE-2023/CVE-2023-237xx/CVE-2023-23714.json) (`2023-05-26T12:15:13.840`)
* [CVE-2023-24007](CVE-2023/CVE-2023-240xx/CVE-2023-24007.json) (`2023-05-26T12:15:15.070`)
* [CVE-2023-25781](CVE-2023/CVE-2023-257xx/CVE-2023-25781.json) (`2023-05-26T12:15:15.637`)
* [CVE-2023-25971](CVE-2023/CVE-2023-259xx/CVE-2023-25971.json) (`2023-05-26T12:15:16.273`)
* [CVE-2023-25976](CVE-2023/CVE-2023-259xx/CVE-2023-25976.json) (`2023-05-26T12:15:16.630`)
* [CVE-2023-22693](CVE-2023/CVE-2023-226xx/CVE-2023-22693.json) (`2023-05-26T13:15:09.483`)
* [CVE-2023-24008](CVE-2023/CVE-2023-240xx/CVE-2023-24008.json) (`2023-05-26T13:15:11.527`)
* [CVE-2023-25038](CVE-2023/CVE-2023-250xx/CVE-2023-25038.json) (`2023-05-26T13:15:11.830`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `34`
* [CVE-2023-2804](CVE-2023/CVE-2023-28xx/CVE-2023-2804.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-2901](CVE-2023/CVE-2023-29xx/CVE-2023-2901.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-2902](CVE-2023/CVE-2023-29xx/CVE-2023-2902.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-31124](CVE-2023/CVE-2023-311xx/CVE-2023-31124.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-31130](CVE-2023/CVE-2023-311xx/CVE-2023-31130.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-31147](CVE-2023/CVE-2023-311xx/CVE-2023-31147.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-2903](CVE-2023/CVE-2023-29xx/CVE-2023-2903.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-32067](CVE-2023/CVE-2023-320xx/CVE-2023-32067.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-32074](CVE-2023/CVE-2023-320xx/CVE-2023-32074.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-28382](CVE-2023/CVE-2023-283xx/CVE-2023-28382.json) (`2023-05-26T12:43:57.397`)
* [CVE-2023-33750](CVE-2023/CVE-2023-337xx/CVE-2023-33750.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-33751](CVE-2023/CVE-2023-337xx/CVE-2023-33751.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-30615](CVE-2023/CVE-2023-306xx/CVE-2023-30615.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-30851](CVE-2023/CVE-2023-308xx/CVE-2023-30851.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-26215](CVE-2023/CVE-2023-262xx/CVE-2023-26215.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-26216](CVE-2023/CVE-2023-262xx/CVE-2023-26216.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-0950](CVE-2023/CVE-2023-09xx/CVE-2023-0950.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-25439](CVE-2023/CVE-2023-254xx/CVE-2023-25439.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-2255](CVE-2023/CVE-2023-22xx/CVE-2023-2255.json) (`2023-05-26T12:44:04.697`)
* [CVE-2023-0863](CVE-2023/CVE-2023-08xx/CVE-2023-0863.json) (`2023-05-26T12:54:07.163`)
* [CVE-2023-2319](CVE-2023/CVE-2023-23xx/CVE-2023-2319.json) (`2023-05-26T13:33:38.157`)
* [CVE-2023-2509](CVE-2023/CVE-2023-25xx/CVE-2023-2509.json) (`2023-05-26T13:34:06.400`)
* [CVE-2023-33281](CVE-2023/CVE-2023-332xx/CVE-2023-33281.json) (`2023-05-26T13:45:29.920`)
* [CVE-2023-32322](CVE-2023/CVE-2023-323xx/CVE-2023-32322.json) (`2023-05-26T13:51:42.143`)
* [CVE-2023-2832](CVE-2023/CVE-2023-28xx/CVE-2023-2832.json) (`2023-05-26T13:54:43.810`)
## Download and Usage