admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-13T20:00:24.095064+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-13 20:00:27 +00:00
parent 6a04e888f4
commit 0459b6cd09
58 changed files with 6063 additions and 331 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
CVE-2020/CVE-2020-276xx/CVE-2020-27635.json
View File

@ -2,27 +2,93 @@
"id": "CVE-2020-27635",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T17:15:10.703",
"lastModified": "2023-10-10T17:52:17.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:08:18.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In PicoTCP 1.7.0, TCP ISNs are improperly random."
},
{
"lang": "es",
"value": "En PicoTCP 1.7.0, los ISN de TCP son incorrectamente aleatorios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:capgemini:picotcp:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "988CC4A6-2BA2-4CDF-9C1C-E91B6B52C990"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.forescout.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-261xx/CVE-2023-26153.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26153",
"sourceIdentifier": "report@snyk.io",
"published": "2023-10-06T05:15:52.803",
"lastModified": "2023-10-06T12:48:29.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:04:10.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "report@snyk.io",
"type": "Secondary",
@ -38,26 +58,74 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geokit:geokit-rails:*:*:*:*:*:rails:*:*",
"versionEndExcluding": "2.5.0",
"matchCriteriaId": "FD2D2981-7883-44D9-AC51-A729938F40E2"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/CalumHutton/b7aa1c2e71c8d4386463ac14f686901d",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/geokit/geokit-rails/blob/master/lib/geokit-rails/ip_geocode_lookup.rb%23L37",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/geokit/geokit-rails/commit/7ffc5813e57f6f417987043e1039925fd0865c43",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/geokit/geokit-rails/commit/a93dfe49fb9aeae7164e2f8c4041450a04b5482f",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Patch"
]
},
{
"url": "https://security.snyk.io/vuln/SNYK-RUBY-GEOKITRAILS-5920323",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

125
CVE-2023/CVE-2023-309xx/CVE-2023-30910.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30910",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-10-09T16:15:10.400",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:42:35.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-444"
}
]
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -50,10 +80,99 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:msa_1060_storage_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "in210r004",
"matchCriteriaId": "9D619F85-D2AF-4C55-9987-74A25CF5F91A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hpe:msa_1060_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8807E1F-5159-4AEA-BBF5-05BA6FBC394F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:msa_2060_storage_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "in210r004",
"matchCriteriaId": "153B35B4-02A3-4E45-B825-B059FE41249B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hpe:msa_2060_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3F26FD92-05CA-460D-BCD0-D71626E1E594"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hpe:msa_2062_storage_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "in210r004",
"matchCriteriaId": "6B8F8D94-8EFA-48BE-937E-D82C449DFF3D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hpe:msa_2062_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EAA9E7-F3E9-4778-ACBC-DD801586FCC7"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbst04539en_us",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-356xx/CVE-2023-35652.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-35652",
"sourceIdentifier": "security@android.com",
"published": "2023-10-11T20:15:10.187",
"lastModified": "2023-10-11T21:04:47.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:08:54.447",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.\n\n"
},
{
"lang": "es",
"value": "En ProtocolEmergencyCallListIndAdapter::Init de protocolcalladapter.cpp, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n remota de informaci\u00f3n y comprometer el firmware de banda base. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-10-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-361xx/CVE-2023-36127.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-36127",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T22:15:11.417",
"lastModified": "2023-10-10T23:25:33.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:30:01.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users."
},
{
"lang": "es",
"value": "La enumeraci\u00f3n de usuarios se encuentra en PHPJabbers Appointment Scheduler 3.0. Este problema ocurre durante la recuperaci\u00f3n de contrase\u00f1a, donde una diferencia en los mensajes podr\u00eda permitir a un atacante determinar si el usuario es v\u00e1lido o no, lo que permitir\u00eda un ataque de fuerza bruta con usuarios v\u00e1lidos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:appointment_scheduler:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22F74A1B-C08B-4249-A66D-B7246A9DF3B4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-364xx/CVE-2023-36417.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36417",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.190",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:02:25.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SQL ODBC Driver Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft SQL ODBC Driver"
}
],
"metrics": {
@ -34,10 +38,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.2",
"versionEndExcluding": "19.3.0002.0",
"matchCriteriaId": "62D6C409-E6E3-402B-B493-EBDC6A3D30A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36417",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

45
CVE-2023/CVE-2023-364xx/CVE-2023-36418.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36418",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.247",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:34:33.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS GUIX Studio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Azure RTOS GUIX Studio"
}
],
"metrics": {
@ -34,10 +38,45 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_rtos_guix_studio:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.3.0",
"matchCriteriaId": "E79C3F5A-F92C-475C-ACAD-E5CD2C61C740"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36418",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-364xx/CVE-2023-36419.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36419",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.300",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:31:30.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Azure HDInsight Apache Oozie Workflow Scheduler "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -34,10 +58,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_hdinsights:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83A84196-1B0D-46F8-802F-064C6C80486D"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36419",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-364xx/CVE-2023-36420.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36420",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.363",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:01:16.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft ODBC Driver para SQL Server"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
@ -34,10 +58,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "16C7C708-7C4F-4DD2-A871-71ED87B1B87F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "704C5575-DCA6-47CB-8B4B-82FE0FE09E78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "688F5FF7-599A-4326-A242-A9D69AEA9AF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "90718D50-D4D8-4949-ADB3-310879B2A574"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "C9BEA137-3C0A-472A-9A5B-428E00302626"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "3194D825-8C6B-4B91-B874-6E65B2A038AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36420",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-364xx/CVE-2023-36438.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36438",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.803",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:53:35.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows TCP/IP Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en TCP/IP de Windows"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36438",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-365xx/CVE-2023-36557.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36557",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.867",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:57:09.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "PrintHTML API Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en PrintHTML API"
}
],
"metrics": {
@ -34,10 +38,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36557",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-365xx/CVE-2023-36561.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36561",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.930",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:57:59.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Azure DevOps Server Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Azure DevOps Server"
}
],
"metrics": {
@ -34,10 +38,53 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:azure_devops_server:2020.0.2:-:*:*:*:*:*:*",
"matchCriteriaId": "ABF9F2EE-7A4F-4FEC-BF7A-6574B173F3D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:azure_devops_server:2020.1.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A8F7E9F3-B3DC-4161-AA99-DF4E17599868"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:azure_devops_server:2022.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "890F7135-DCF3-40A6-9FFE-F048EE7E1565"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36561",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

119
CVE-2023/CVE-2023-365xx/CVE-2023-36563.json
View File

@ -2,12 +2,20 @@
"id": "CVE-2023-36563",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.003",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:59:39.430",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-10",
"cisaActionDue": "2023-10-31",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Microsoft WordPad Information Disclosure Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WordPad Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Microsoft WordPad"
}
],
"metrics": {
@ -34,10 +42,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36563",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-365xx/CVE-2023-36564.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36564",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.070",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:57:13.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Search Security Feature Bypass Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de la funci\u00f3n de seguridad en Windows Search"
}
],
"metrics": {
@ -34,10 +38,109 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "A55291EE-DD3D-4C87-87A5-EE7D81046E30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36564",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-365xx/CVE-2023-36565.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36565",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.137",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:43:29.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Graphics Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Microsoft Office Graphics"
}
],
"metrics": {
@ -34,10 +38,60 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:universal:*:*",
"versionEndExcluding": "16.0.14326.21606",
"matchCriteriaId": "790083A1-41AD-46AB-A26A-93EDE837DAAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:android:*:*",
"versionEndExcluding": "16.0.16827.20138",
"matchCriteriaId": "A62FB2A2-74C1-4042-A18C-2E053B6B0964"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*",
"matchCriteriaId": "40961B9E-80B6-42E0-A876-58B3CE056E4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*",
"matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-365xx/CVE-2023-36566.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36566",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.200",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:30:13.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Common Data Model SDK Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Microsoft Common Data Model SDK "
}
],
"metrics": {
@ -34,10 +38,62 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:common_data_model_sdk:*:*:*:*:*:c\\#:*:*",
"versionEndExcluding": "1.7.4",
"matchCriteriaId": "45D150BE-C1B5-47EA-8FC1-7791FE0BE759"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:common_data_model_sdk:*:*:*:*:*:java:*:*",
"versionEndExcluding": "1.7.4",
"matchCriteriaId": "1A8F5296-3582-47CB-BCD5-E241A2A52B7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:common_data_model_sdk:*:*:*:*:*:python:*:*",
"versionEndExcluding": "1.7.4",
"matchCriteriaId": "245DDF9B-F18C-43C6-875E-82F9B2007004"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:common_data_model_sdk:*:*:*:*:*:typescript:*:*",
"versionEndExcluding": "1.7.4",
"matchCriteriaId": "349E2561-D3E0-4C7F-BE6A-E994F587AC0E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36566",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-365xx/CVE-2023-36581.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36581",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.090",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:14:45.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-365xx/CVE-2023-36582.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36582",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.153",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:16:24.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

149
CVE-2023/CVE-2023-365xx/CVE-2023-36583.json
View File

@ -2,18 +2,22 @@
"id": "CVE-2023-36583",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.217",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:52:09.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,13 +35,150 @@
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

168
CVE-2023/CVE-2023-365xx/CVE-2023-36584.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36584",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.280",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:07:41.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Mark of the Web Security Feature Bypass Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de caracter\u00edstica de seguridad web en Windows Mark"
}
],
"metrics": {
@ -34,10 +38,168 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "C86C5206-DD71-4841-90A0-96411C35E925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "2EBC5E25-7B8A-4A8F-9C0A-2DF0A89A2492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6E3DB4A4-5176-474D-983D-3A4C093D771A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "59FCD1EC-7EB7-4657-AA26-2C2A934D4AE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6DB083DC-04FF-47F0-800A-971E9DE2E62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "CECCEB88-1DC3-4242-928E-CCF6B8F8B380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36584",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

168
CVE-2023/CVE-2023-365xx/CVE-2023-36585.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36585",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.343",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:09:26.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Active Template Library Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Active Template Library"
}
],
"metrics": {
@ -34,10 +38,168 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "C86C5206-DD71-4841-90A0-96411C35E925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "2EBC5E25-7B8A-4A8F-9C0A-2DF0A89A2492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6E3DB4A4-5176-474D-983D-3A4C093D771A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "59FCD1EC-7EB7-4657-AA26-2C2A934D4AE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6DB083DC-04FF-47F0-800A-971E9DE2E62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "CECCEB88-1DC3-4242-928E-CCF6B8F8B380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36585",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-365xx/CVE-2023-36589.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36589",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.407",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:17:45.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-365xx/CVE-2023-36590.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36590",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.470",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:43:33.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-365xx/CVE-2023-36591.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36591",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.530",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:00:28.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-365xx/CVE-2023-36592.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36592",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.590",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:01:17.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

149
CVE-2023/CVE-2023-365xx/CVE-2023-36593.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36593",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.650",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:58:44.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queuing"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
@ -34,10 +58,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

168
CVE-2023/CVE-2023-365xx/CVE-2023-36594.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36594",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.717",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:31:02.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Graphics Component"
}
],
"metrics": {
@ -34,10 +38,168 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "C86C5206-DD71-4841-90A0-96411C35E925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "2EBC5E25-7B8A-4A8F-9C0A-2DF0A89A2492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6E3DB4A4-5176-474D-983D-3A4C093D771A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "59FCD1EC-7EB7-4657-AA26-2C2A934D4AE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6DB083DC-04FF-47F0-800A-971E9DE2E62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "CECCEB88-1DC3-4242-928E-CCF6B8F8B380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36594",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

175
CVE-2023/CVE-2023-365xx/CVE-2023-36596.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36596",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.783",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:22:20.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Remote Procedure Call"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
@ -34,10 +58,153 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "C86C5206-DD71-4841-90A0-96411C35E925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "2EBC5E25-7B8A-4A8F-9C0A-2DF0A89A2492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6E3DB4A4-5176-474D-983D-3A4C093D771A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "59FCD1EC-7EB7-4657-AA26-2C2A934D4AE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6DB083DC-04FF-47F0-800A-971E9DE2E62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "CECCEB88-1DC3-4242-928E-CCF6B8F8B380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36596",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

168
CVE-2023/CVE-2023-365xx/CVE-2023-36598.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36598",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.847",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:56:30.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft WDAC ODBC Driver"
}
],
"metrics": {
@ -34,10 +38,168 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "C86C5206-DD71-4841-90A0-96411C35E925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "2EBC5E25-7B8A-4A8F-9C0A-2DF0A89A2492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6E3DB4A4-5176-474D-983D-3A4C093D771A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "59FCD1EC-7EB7-4657-AA26-2C2A934D4AE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6DB083DC-04FF-47F0-800A-971E9DE2E62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "CECCEB88-1DC3-4242-928E-CCF6B8F8B380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36598",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

178
CVE-2023/CVE-2023-366xx/CVE-2023-36602.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36602",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.910",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:35:00.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows TCP/IP Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en TCP/IP de Windows"
}
],
"metrics": {
@ -34,10 +38,178 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x64:*",
"matchCriteriaId": "A045AC0A-471E-444C-B3B0-4CABC23E8CFB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:x86:*",
"matchCriteriaId": "28A7FEE9-B473-48A0-B0ED-A5CC1E44194C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "C86C5206-DD71-4841-90A0-96411C35E925"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "2EBC5E25-7B8A-4A8F-9C0A-2DF0A89A2492"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "6E3DB4A4-5176-474D-983D-3A4C093D771A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "7DE95390-2BFA-47CD-B1C1-D86197446089"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "0B3FBE8F-626A-4DF6-8BD3-2D8F6BF27A06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "B4DA360F-1105-47ED-BC36-8EC1B5DC6D2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36602",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

126
CVE-2023/CVE-2023-366xx/CVE-2023-36603.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36603",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.973",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:29:00.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows TCP/IP Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en TCP/IP de Windows"
}
],
"metrics": {
@ -34,10 +38,126 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C57AC4FD-7539-48D3-9AAB-BA623468C5D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "C38DBDD3-BC41-4791-9754-2826E3F0698D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "3F3FB0EF-CD8E-4A37-A46C-EB2B3103F61F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "9F6EE74C-3C21-4927-9677-D4C49467634C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "8741097C-3656-4074-885D-4AC2B7493235"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "7DE95390-2BFA-47CD-B1C1-D86197446089"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "0B3FBE8F-626A-4DF6-8BD3-2D8F6BF27A06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "B4DA360F-1105-47ED-BC36-8EC1B5DC6D2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36603",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

100
CVE-2023/CVE-2023-366xx/CVE-2023-36605.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36605",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.047",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:27:21.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Named Pipe Filesystem Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Named Pipe Filesystem"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -34,10 +58,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36605",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-366xx/CVE-2023-36606.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36606",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.110",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:52:35.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Microsoft Message Queuing"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

149
CVE-2023/CVE-2023-366xx/CVE-2023-36697.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36697",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.173",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:48:36.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Message Queue"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
@ -34,10 +58,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "EB6A729E-3A5F-44D3-9293-CCE649D75796"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "1C37B834-9B0E-45C0-B771-B529420EEDE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "E8F6D36B-0B5A-4F96-816F-6435A1BDDBF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "2B42E21D-CF02-46FF-8759-B572EC8BBE3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "9FC8F0D2-B3D5-48A1-ADF8-8D36D86E0F72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

122
CVE-2023/CVE-2023-367xx/CVE-2023-36724.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36724",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.807",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:53:26.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Power Management Service Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Windows Power Management Service"
}
],
"metrics": {
@ -34,10 +38,122 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36724",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-367xx/CVE-2023-36725.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36725",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.883",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:53:42.393",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios del kernel de Windows"
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36725",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36726.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36726",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.967",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:58:57.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Internet Key Exchange (IKE) "
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DF11918C-FE48-4778-AB51-62159779D96B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36726",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-367xx/CVE-2023-36728.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36728",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.030",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:41:30.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SQL Server Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Microsoft SQL Server"
}
],
"metrics": {
@ -34,10 +38,112 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "FEE52D75-0785-47A8-A024-14A83B9732A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "5C5B4D78-6EA4-41E6-A403-2D018D9F0692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "CC490F0A-842A-4590-8CAC-07BB599D8F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "90718D50-D4D8-4949-ADB3-310879B2A574"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "C9BEA137-3C0A-472A-9A5B-428E00302626"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "2EDAA3E7-9DA2-4C2F-B626-60A747015FE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:ole_db_driver_for_sql_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "19.3.0002.0",
"matchCriteriaId": "A5F3F54A-872A-4593-A017-20E28E45DE61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:*:*",
"matchCriteriaId": "03C65D96-44D0-4411-8B84-961973F1E4D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2016:sp3:*:*:*:*:x64:*",
"matchCriteriaId": "39A3D29F-0BE0-4F78-9970-58BB355775DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2017:*:*:*:*:*:x64:*",
"matchCriteriaId": "2FF9FC32-3E6E-4256-B6BD-C4EF1932CA18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-367xx/CVE-2023-36729.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36729",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.100",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:41:41.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Named Pipe File System Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Named Pipe File System"
}
],
"metrics": {
@ -34,10 +38,112 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36729",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-367xx/CVE-2023-36730.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36730",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.160",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:42:01.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft ODBC Driver para SQL Server "
}
],
"metrics": {
@ -34,10 +38,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "FEE52D75-0785-47A8-A024-14A83B9732A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "5C5B4D78-6EA4-41E6-A403-2D018D9F0692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "CC490F0A-842A-4590-8CAC-07BB599D8F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "90718D50-D4D8-4949-ADB3-310879B2A574"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "C9BEA137-3C0A-472A-9A5B-428E00302626"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "2EDAA3E7-9DA2-4C2F-B626-60A747015FE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "9144F644-A3D4-440C-8978-257E71204617"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:*",
"matchCriteriaId": "6CB7AD22-F27B-4807-88F1-02ED420421D5"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36730",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36731.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36731",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.227",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:42:54.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Win32k"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DF11918C-FE48-4778-AB51-62159779D96B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36731",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36732.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36732",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.287",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:28:13.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Win32k"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DF11918C-FE48-4778-AB51-62159779D96B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36732",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-367xx/CVE-2023-36737.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36737",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.347",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:40:18.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Azure Network Watcher VM Agent Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Azure Network Watcher VM Agent "
}
],
"metrics": {
@ -34,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:azure_network_watcher:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.2798.3",
"matchCriteriaId": "E8BC1078-E0BF-4EAE-8C14-3CF175273378"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36737",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36743.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36743",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.407",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:39:26.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Win32k"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DF11918C-FE48-4778-AB51-62159779D96B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36743",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38216.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-38216",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-10-11T12:15:10.797",
"lastModified": "2023-10-11T12:54:05.787",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:45:34.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 12.0.4 (y anteriores) y 13.0.3 (y anteriores) de Adobe Bridge se ven afectadas por una vulnerabilidad Use After Free, que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para evitar mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:bridge:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.0.4",
"matchCriteriaId": "0A78DA71-7DD2-4244-A10F-72627140F226"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:bridge:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndExcluding": "13.0.4",
"matchCriteriaId": "37029F99-76E6-48ED-B71F-2F5ECB873A6D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/bridge/apsb23-49.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-398xx/CVE-2023-39854.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39854",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-09T07:15:24.570",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:01:50.667",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "La interfaz web de ATX Ucrypt hasta la versi\u00f3n 3.5 permite a los usuarios autenticados (o atacantes que utilizan credenciales predeterminadas para la cuenta de administrador, maestra o de usuario) incluir archivos a trav\u00e9s de una URL en el par\u00e1metro de URL /hydra/view/get_cc_url. Puede haber una SSRF resultante."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atx:ucrypt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.5",
"matchCriteriaId": "C36A2C80-367D-4FC5-A53C-F705B7E6C8C8"
}
]
}
]
}
],
"references": [
{
"url": "https://wiki.notveg.ninja/blog/CVE-2023-39854/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
]
}
]
}

137
CVE-2023/CVE-2023-407xx/CVE-2023-40718.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40718",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-10-10T17:15:12.560",
"lastModified": "2023-10-10T17:52:09.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:38:48.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets."
},
{
"lang": "es",
"value": "Un conflicto de interpretaci\u00f3n en las versiones 7.321, 7.166 y 6.158 de Fortinet IPS Engine permite a un atacante evadir las funciones de IPS a trav\u00e9s de paquetes TCP manipulados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -34,10 +58,117 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-436"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.312",
"matchCriteriaId": "76621CA9-15A3-45C7-89F6-00FF2F0DB7B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.4",
"matchCriteriaId": "7582B2FF-8EDC-4599-96F3-CFA7BAE1FCF5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.165",
"matchCriteriaId": "E527DD20-7553-4CAD-BFFF-02D2C4DFFADC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.12",
"matchCriteriaId": "39A6C2A7-21A4-4BB5-A3B6-9466E5CEA296"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios_ips_engine:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.158",
"matchCriteriaId": "E17821E5-7836-4EEA-A383-66CBCD45B258"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "6.4.13",
"matchCriteriaId": "B153B056-24AE-41C4-B644-65E080C18360"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-090",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-410xx/CVE-2023-41047.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41047",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-09T16:15:10.480",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:40:38.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octoprint:octoprint:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.9.3",
"matchCriteriaId": "6DDB94E4-F56F-4C7C-A828-B76E70051E66"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OctoPrint/OctoPrint/commit/d0072cff894509c77e243d6562245ad3079e17db",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OctoPrint/OctoPrint/releases/tag/1.9.3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-fwfg-vprh-97ph",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-436xx/CVE-2023-43625.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43625",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-10-10T11:15:12.323",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:26:10.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,10 +50,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simcenter_amesim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2021.1",
"matchCriteriaId": "04745EBE-2AF5-47CB-BA50-153C595573DB"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-386812.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-443xx/CVE-2023-44378.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44378",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-09T14:15:10.873",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:43:14.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -54,18 +74,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:consensys:gnark:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.9.0",
"matchCriteriaId": "33F1210A-A393-4C12-B0DF-0F698913487C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Consensys/gnark/commit/59a4087261a6c73f13e80d695c17b398c3d0934f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Consensys/gnark/security/advisories/GHSA-498w-5j49-vqjg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/zkopru-network/zkopru/issues/116",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
]
}
]
}

68
CVE-2023/CVE-2023-443xx/CVE-2023-44393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44393",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-09T15:15:10.057",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:42:49.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -54,14 +74,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwigo:piwigo:*:*:*:*:*:*:*:*",
"versionEndIncluding": "13.8.0",
"matchCriteriaId": "A9A51DBC-EA76-4B8F-8DE6-7745C843A675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwigo:piwigo:14.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "C56DF199-9F77-4651-B7C7-B592A9C65AF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwigo:piwigo:14.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "7CBD8ECB-841F-4C29-A7DF-72F5D2FBBC99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwigo:piwigo:14.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2AB2327B-CFBB-4863-BEC1-B92F0602AF3A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Piwigo/Piwigo/commit/cc99c0f1e967c5f1722a0cce30ff42374a7bbc23",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Piwigo/Piwigo/security/advisories/GHSA-qg85-957m-7vgg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-444xx/CVE-2023-44400.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44400",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-09T16:15:10.567",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:24:14.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:uptime.kuma:uptime_kuma:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23.3",
"matchCriteriaId": "F178E40D-CC31-4E9A-B03C-A648C13E94D2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/louislam/uptime-kuma/commit/88afab6571ef7d4d41bb395cdb6ecd3968835a4a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/louislam/uptime-kuma/issues/3481",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Mitigation"
]
},
{
"url": "https://github.com/louislam/uptime-kuma/security/advisories/GHSA-g9v2-wqcj-j99g",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

560
CVE-2023/CVE-2023-444xx/CVE-2023-44487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44487",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T14:15:10.883",
"lastModified": "2023-10-13T16:15:12.720",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T19:32:37.727",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-10",
"cisaActionDue": "2023-10-31",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -18,383 +18,749 @@
"value": "El protocolo HTTP/2 permite una denegaci\u00f3n de servicio (consumo de recursos del servidor) porque la cancelaci\u00f3n de solicitudes puede restablecer muchas transmisiones r\u00e1pidamente, como explot\u00f3 salvajemente entre agosto y octubre de 2023."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ietf:http:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5200E35-222B-42E0-83E0-5B702684D992"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/4",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2023-011/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Vendor Advisory"
]
},
{
"url": "https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://blog.vespa.ai/cve-2023-44487/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.proxmox.com/show_bug.cgi?id=4988",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242803",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1216123",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Vendor Advisory"
]
},
{
"url": "https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Vendor Advisory"
]
},
{
"url": "https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description",
"Vendor Advisory"
]
},
{
"url": "https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/Azure/AKS/issues/3947",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/Kong/kong/discussions/11741",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/advisories/GHSA-qppj-fm5r-hxr3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/advisories/GHSA-vx74-f528-fxqg",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/advisories/GHSA-xpw8-rcwv-8f8p",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/akka/akka-http/issues/4323",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/alibaba/tengine/issues/1872",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/apache/apisix/issues/10320",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/apache/httpd-site/pull/10",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/apache/trafficserver/pull/10564",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/bcdannyboy/CVE-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/caddyserver/caddy/issues/5877",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/caddyserver/caddy/releases/tag/v2.7.5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/dotnet/announcements/issues/277",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/eclipse/jetty.project/issues/10679",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/envoyproxy/envoy/pull/30055",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/etcd-io/etcd/issues/16740",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/facebook/proxygen/pull/466",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/golang/go/issues/63417",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/grpc/grpc-go/pull/6703",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/h2o/h2o/pull/3291",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/haproxy/haproxy/issues/2312",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/junkurihara/rust-rpxy/issues/97",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/kazu-yamamoto/http2/issues/93",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/kubernetes/kubernetes/pull/121120",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/line/armeria/pull/5232",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/micrictor/http2-rst-stream",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/microsoft/CBL-Mariner/pull/6381",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nghttp2/nghttp2/pull/1961",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/ninenines/cowboy/issues/1615",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/nodejs/node/pull/50121",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/openresty/openresty/issues/930",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/opensearch-project/data-prepper/issues/3474",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/oqtane/oqtane.framework/discussions/3367",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/projectcontour/contour/pull/5826",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/tempesta-tech/tempesta/issues/1986",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/varnishcache/varnish-cache/issues/3996",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://istio.io/latest/news/security/istio-security-2023-004/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://my.f5.com/manage/s/article/K000137106",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://netty.io/news/2023/10/10/4-1-100-Final.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://news.ycombinator.com/item?id=37830987",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://news.ycombinator.com/item?id=37830998",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
},
{
"url": "https://news.ycombinator.com/item?id=37831062",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://news.ycombinator.com/item?id=37837043",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.paloaltonetworks.com/CVE-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://ubuntu.com/security/CVE-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5521",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5522",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/10/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
},
{
"url": "https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Press/Media Coverage"
]
}
]
}

64
CVE-2023/CVE-2023-53xx/CVE-2023-5365.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5365",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-10-09T16:15:11.117",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:13:11.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "La aplicaci\u00f3n HP LIFE Android Mobile es potencialmente vulnerable a una escalada de privilegios y/o divulgaci\u00f3n de informaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:life:*:*:*:*:*:android:*:*",
"versionEndExcluding": "1.8",
"matchCriteriaId": "DF9AF0C7-9C47-49E3-B6E5-7C306F446AFF"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_9393937-9393961-16/hpsbgn03870",
"source": "hp-security-alert@hp.com"
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-54xx/CVE-2023-5491.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5491",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-10T15:15:11.003",
"lastModified": "2023-10-10T15:47:36.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:11:03.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This issue affects some unknown processing of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241643. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad clasificada como cr\u00edtica fue encontrada en Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform hasta 20230928. Este problema afecta a un procesamiento desconocido del archivo /sysmanage/updatelib.php. La manipulaci\u00f3n del argumento file_upload conduce a una carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-241643. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,59 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:byzoro:smart_s45f_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230928",
"matchCriteriaId": "92BFABCF-7517-438D-92F1-4F21699BBB7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s45f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDA1A96-1CB9-48C6-805E-514CE4FEC9E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241643",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241643",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-54xx/CVE-2023-5492.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5492",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-10T16:15:10.340",
"lastModified": "2023-10-10T16:37:27.690",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:11:42.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. Affected is an unknown function of the file /sysmanage/licence.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241644. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform hasta 20230928 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /sysmanage/licence.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento file_upload conduce a una carga sin restricciones. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-241644. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,59 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:byzoro:smart_s45f_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230928",
"matchCriteriaId": "92BFABCF-7517-438D-92F1-4F21699BBB7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s45f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDA1A96-1CB9-48C6-805E-514CE4FEC9E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/s45_upload_licence.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241644",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241644",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-55xx/CVE-2023-5521.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5521",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-11T12:15:11.937",
"lastModified": "2023-10-11T12:54:05.787",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T18:07:46.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9."
},
{
"lang": "es",
"value": "Autorizaci\u00f3n Incorrecta en el repositorio de GitHub tiann/kernelsu anterior a v0.6.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +72,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kernelsu:kernelsu:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.6.9",
"matchCriteriaId": "236AC00C-816B-493B-ACB1-80A431235FE0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tiann/kernelsu/commit/a22959beae1aad96b1f72710a5daadf529c41bda",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/d438eff7-4e24-45e0-bc75-d3a5b3ab2ea1",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

65
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-13T18:00:24.495400+00:00
2023-10-13T20:00:24.095064+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-13T17:57:33.853000+00:00
2023-10-13T19:58:57.183000+00:00
```
### Last Data Feed Release
@ -34,46 +34,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `0`
* [CVE-2023-40682](CVE-2023/CVE-2023-406xx/CVE-2023-40682.json) (`2023-10-13T16:15:11.487`)
* [CVE-2023-45269](CVE-2023/CVE-2023-452xx/CVE-2023-45269.json) (`2023-10-13T16:15:12.853`)
* [CVE-2023-45270](CVE-2023/CVE-2023-452xx/CVE-2023-45270.json) (`2023-10-13T16:15:12.997`)
* [CVE-2023-45276](CVE-2023/CVE-2023-452xx/CVE-2023-45276.json) (`2023-10-13T16:15:13.123`)
* [CVE-2023-4499](CVE-2023/CVE-2023-44xx/CVE-2023-4499.json) (`2023-10-13T17:15:09.653`)
* [CVE-2023-5409](CVE-2023/CVE-2023-54xx/CVE-2023-5409.json) (`2023-10-13T17:15:09.713`)
* [CVE-2023-5449](CVE-2023/CVE-2023-54xx/CVE-2023-5449.json) (`2023-10-13T17:15:09.767`)
### CVEs modified in the last Commit
Recently modified CVEs: `46`
Recently modified CVEs: `57`
* [CVE-2023-39265](CVE-2023/CVE-2023-392xx/CVE-2023-39265.json) (`2023-10-13T16:15:11.357`)
* [CVE-2023-41080](CVE-2023/CVE-2023-410xx/CVE-2023-41080.json) (`2023-10-13T16:15:11.610`)
* [CVE-2023-42795](CVE-2023/CVE-2023-427xx/CVE-2023-42795.json) (`2023-10-13T16:15:11.740`)
* [CVE-2023-43654](CVE-2023/CVE-2023-436xx/CVE-2023-43654.json) (`2023-10-13T16:15:11.890`)
* [CVE-2023-43762](CVE-2023/CVE-2023-437xx/CVE-2023-43762.json) (`2023-10-13T16:15:12.030`)
* [CVE-2023-43764](CVE-2023/CVE-2023-437xx/CVE-2023-43764.json) (`2023-10-13T16:15:12.637`)
* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-13T16:15:12.720`)
* [CVE-2023-45648](CVE-2023/CVE-2023-456xx/CVE-2023-45648.json) (`2023-10-13T16:15:13.240`)
* [CVE-2023-5461](CVE-2023/CVE-2023-54xx/CVE-2023-5461.json) (`2023-10-13T16:20:54.217`)
* [CVE-2023-41838](CVE-2023/CVE-2023-418xx/CVE-2023-41838.json) (`2023-10-13T16:22:36.743`)
* [CVE-2023-42455](CVE-2023/CVE-2023-424xx/CVE-2023-42455.json) (`2023-10-13T16:26:53.420`)
* [CVE-2023-42782](CVE-2023/CVE-2023-427xx/CVE-2023-42782.json) (`2023-10-13T16:29:27.250`)
* [CVE-2023-41675](CVE-2023/CVE-2023-416xx/CVE-2023-41675.json) (`2023-10-13T16:32:57.720`)
* [CVE-2023-36820](CVE-2023/CVE-2023-368xx/CVE-2023-36820.json) (`2023-10-13T16:35:04.037`)
* [CVE-2023-41679](CVE-2023/CVE-2023-416xx/CVE-2023-41679.json) (`2023-10-13T16:54:57.640`)
* [CVE-2023-29348](CVE-2023/CVE-2023-293xx/CVE-2023-29348.json) (`2023-10-13T17:08:11.700`)
* [CVE-2023-36414](CVE-2023/CVE-2023-364xx/CVE-2023-36414.json) (`2023-10-13T17:11:51.533`)
* [CVE-2023-36415](CVE-2023/CVE-2023-364xx/CVE-2023-36415.json) (`2023-10-13T17:14:21.973`)
* [CVE-2023-38817](CVE-2023/CVE-2023-388xx/CVE-2023-38817.json) (`2023-10-13T17:15:09.577`)
* [CVE-2023-36416](CVE-2023/CVE-2023-364xx/CVE-2023-36416.json) (`2023-10-13T17:20:48.610`)
* [CVE-2023-36436](CVE-2023/CVE-2023-364xx/CVE-2023-36436.json) (`2023-10-13T17:21:16.367`)
* [CVE-2023-43643](CVE-2023/CVE-2023-436xx/CVE-2023-43643.json) (`2023-10-13T17:35:04.310`)
* [CVE-2023-5493](CVE-2023/CVE-2023-54xx/CVE-2023-5493.json) (`2023-10-13T17:51:52.803`)
* [CVE-2023-5494](CVE-2023/CVE-2023-54xx/CVE-2023-5494.json) (`2023-10-13T17:52:50.543`)
* [CVE-2023-36429](CVE-2023/CVE-2023-364xx/CVE-2023-36429.json) (`2023-10-13T17:57:33.853`)
* [CVE-2023-39854](CVE-2023/CVE-2023-398xx/CVE-2023-39854.json) (`2023-10-13T19:01:50.667`)
* [CVE-2023-36584](CVE-2023/CVE-2023-365xx/CVE-2023-36584.json) (`2023-10-13T19:07:41.083`)
* [CVE-2023-35652](CVE-2023/CVE-2023-356xx/CVE-2023-35652.json) (`2023-10-13T19:08:54.447`)
* [CVE-2023-36585](CVE-2023/CVE-2023-365xx/CVE-2023-36585.json) (`2023-10-13T19:09:26.133`)
* [CVE-2023-36581](CVE-2023/CVE-2023-365xx/CVE-2023-36581.json) (`2023-10-13T19:14:45.527`)
* [CVE-2023-36582](CVE-2023/CVE-2023-365xx/CVE-2023-36582.json) (`2023-10-13T19:16:24.573`)
* [CVE-2023-36589](CVE-2023/CVE-2023-365xx/CVE-2023-36589.json) (`2023-10-13T19:17:45.187`)
* [CVE-2023-36596](CVE-2023/CVE-2023-365xx/CVE-2023-36596.json) (`2023-10-13T19:22:20.200`)
* [CVE-2023-36605](CVE-2023/CVE-2023-366xx/CVE-2023-36605.json) (`2023-10-13T19:27:21.993`)
* [CVE-2023-36732](CVE-2023/CVE-2023-367xx/CVE-2023-36732.json) (`2023-10-13T19:28:13.070`)
* [CVE-2023-36603](CVE-2023/CVE-2023-366xx/CVE-2023-36603.json) (`2023-10-13T19:29:00.070`)
* [CVE-2023-36594](CVE-2023/CVE-2023-365xx/CVE-2023-36594.json) (`2023-10-13T19:31:02.297`)
* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-13T19:32:37.727`)
* [CVE-2023-36602](CVE-2023/CVE-2023-366xx/CVE-2023-36602.json) (`2023-10-13T19:35:00.647`)
* [CVE-2023-36728](CVE-2023/CVE-2023-367xx/CVE-2023-36728.json) (`2023-10-13T19:41:30.780`)
* [CVE-2023-36729](CVE-2023/CVE-2023-367xx/CVE-2023-36729.json) (`2023-10-13T19:41:41.020`)
* [CVE-2023-36730](CVE-2023/CVE-2023-367xx/CVE-2023-36730.json) (`2023-10-13T19:42:01.933`)
* [CVE-2023-36731](CVE-2023/CVE-2023-367xx/CVE-2023-36731.json) (`2023-10-13T19:42:54.560`)
* [CVE-2023-36590](CVE-2023/CVE-2023-365xx/CVE-2023-36590.json) (`2023-10-13T19:43:33.030`)
* [CVE-2023-36606](CVE-2023/CVE-2023-366xx/CVE-2023-36606.json) (`2023-10-13T19:52:35.470`)
* [CVE-2023-36724](CVE-2023/CVE-2023-367xx/CVE-2023-36724.json) (`2023-10-13T19:53:26.347`)
* [CVE-2023-36725](CVE-2023/CVE-2023-367xx/CVE-2023-36725.json) (`2023-10-13T19:53:42.393`)
* [CVE-2023-36598](CVE-2023/CVE-2023-365xx/CVE-2023-36598.json) (`2023-10-13T19:56:30.370`)
* [CVE-2023-36593](CVE-2023/CVE-2023-365xx/CVE-2023-36593.json) (`2023-10-13T19:58:44.980`)
* [CVE-2023-36726](CVE-2023/CVE-2023-367xx/CVE-2023-36726.json) (`2023-10-13T19:58:57.183`)
## Download and Usage