diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2637.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2637.json index c32b1dc0ea8..6682d2d43d0 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2637.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2637.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2637", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:20.803", - "lastModified": "2022-05-13T14:57:22.177", + "lastModified": "2023-11-21T18:06:10.070", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -119,8 +119,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" }, { "vulnerable": true, @@ -329,6 +329,7 @@ "url": "http://www.securityfocus.com/bid/102576", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -337,6 +338,7 @@ "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2638.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2638.json index 17db986f96d..c8e8163f155 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2638.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2638.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2638", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:20.850", - "lastModified": "2022-08-12T18:04:28.627", + "lastModified": "2023-11-21T18:27:02.693", "vulnStatus": "Analyzed", "descriptions": [ { @@ -89,8 +89,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" } ] } @@ -299,6 +299,7 @@ "url": "http://www.securityfocus.com/bid/102546", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -307,7 +308,9 @@ "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ - "Broken Link" + "Broken Link", + "Third Party Advisory", + "VDB Entry" ] }, { diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2639.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2639.json index e629c9c3885..2e5cd7c470d 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2639.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2639.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2639", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:20.897", - "lastModified": "2022-08-12T18:04:25.050", + "lastModified": "2023-11-21T18:26:35.867", "vulnStatus": "Analyzed", "descriptions": [ { @@ -89,8 +89,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" } ] } @@ -170,14 +170,18 @@ "url": "http://www.securityfocus.com/bid/102556", "source": "secalert_us@oracle.com", "tags": [ - "Broken Link" + "Broken Link", + "Third Party Advisory", + "VDB Entry" ] }, { "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ - "Broken Link" + "Broken Link", + "Third Party Advisory", + "VDB Entry" ] }, { diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2641.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2641.json index 5d5009d4a99..bb5d009d5ef 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2641.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2641.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2641", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:20.993", - "lastModified": "2022-05-13T14:57:22.210", + "lastModified": "2023-11-21T18:27:23.130", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -119,8 +119,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" } ] } @@ -324,6 +324,7 @@ "url": "http://www.securityfocus.com/bid/102605", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -332,6 +333,7 @@ "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2663.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2663.json index 4041d9507f8..c5928f424de 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2663.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2663.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2663", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:22.007", - "lastModified": "2022-05-13T14:57:22.243", + "lastModified": "2023-11-21T18:06:03.100", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -119,8 +119,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" }, { "vulnerable": true, @@ -329,6 +329,7 @@ "url": "http://www.securityfocus.com/bid/102662", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -337,6 +338,7 @@ "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2677.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2677.json index 59ae6592b3d..0472151161c 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2677.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2677.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2677", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:22.647", - "lastModified": "2022-05-13T14:57:22.263", + "lastModified": "2023-11-21T18:05:55.213", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -119,8 +119,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" } ] } @@ -324,6 +324,7 @@ "url": "http://www.securityfocus.com/bid/102656", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -332,6 +333,7 @@ "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2018/CVE-2018-26xx/CVE-2018-2678.json b/CVE-2018/CVE-2018-26xx/CVE-2018-2678.json index b58248f0087..42db1fe5a09 100644 --- a/CVE-2018/CVE-2018-26xx/CVE-2018-2678.json +++ b/CVE-2018/CVE-2018-26xx/CVE-2018-2678.json @@ -2,7 +2,7 @@ "id": "CVE-2018-2678", "sourceIdentifier": "secalert_us@oracle.com", "published": "2018-01-18T02:29:22.697", - "lastModified": "2022-05-13T14:57:22.283", + "lastModified": "2023-11-21T18:04:42.813", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", @@ -99,8 +99,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jdk:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "1D1ECEA2-55C5-4554-B3E7-A5BA268C0063" + "criteria": "cpe:2.3:a:oracle:jdk:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "796F8150-771C-4806-83D7-72C5F539ED1F" }, { "vulnerable": true, @@ -119,8 +119,8 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:jre:1.9.0.1:*:*:*:*:*:*:*", - "matchCriteriaId": "F1AAC9C9-0B1A-42F3-8E3D-60EEDED64678" + "criteria": "cpe:2.3:a:oracle:jre:9.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "76105155-2BDC-4A86-8DA4-4EC5362D5978" }, { "vulnerable": true, @@ -329,6 +329,7 @@ "url": "http://www.securityfocus.com/bid/102659", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] @@ -337,6 +338,7 @@ "url": "http://www.securitytracker.com/id/1040203", "source": "secalert_us@oracle.com", "tags": [ + "Broken Link", "Third Party Advisory", "VDB Entry" ] diff --git a/CVE-2021/CVE-2021-275xx/CVE-2021-27502.json b/CVE-2021/CVE-2021-275xx/CVE-2021-27502.json new file mode 100644 index 00000000000..71fb379dc23 --- /dev/null +++ b/CVE-2021/CVE-2021-275xx/CVE-2021-27502.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2021-27502", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-11-21T18:15:07.510", + "lastModified": "2023-11-21T18:15:07.510", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Texas Instruments TI-RTOS, when configured to use HeapMem heap(default),\n malloc returns a valid pointer to a small buffer on extremely large \nvalues, which can trigger an integer overflow vulnerability in \n'HeapMem_allocUnprotected' and result in code execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.4, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.ti.com/tool/TI-RTOS-MCU", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-275xx/CVE-2021-27504.json b/CVE-2021/CVE-2021-275xx/CVE-2021-27504.json new file mode 100644 index 00000000000..0c51a986605 --- /dev/null +++ b/CVE-2021/CVE-2021-275xx/CVE-2021-27504.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2021-27504", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-11-21T18:15:07.713", + "lastModified": "2023-11-21T18:15:07.713", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Texas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in\n code execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.4, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "references": [ + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.ti.com/tool/TI-RTOS-MCU", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-381xx/CVE-2021-38111.json b/CVE-2021/CVE-2021-381xx/CVE-2021-38111.json index 0c673b4d009..f805b02a085 100644 --- a/CVE-2021/CVE-2021-381xx/CVE-2021-38111.json +++ b/CVE-2021/CVE-2021-381xx/CVE-2021-38111.json @@ -2,8 +2,8 @@ "id": "CVE-2021-38111", "sourceIdentifier": "cve@mitre.org", "published": "2021-08-04T18:15:10.093", - "lastModified": "2021-08-17T14:43:51.023", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T17:15:07.477", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -112,6 +112,10 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://github.com/skintigh/defcon27_badge_sdr", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-300xx/CVE-2022-30067.json b/CVE-2022/CVE-2022-300xx/CVE-2022-30067.json index bcd468e5a09..dd4c36311ff 100644 --- a/CVE-2022/CVE-2022-300xx/CVE-2022-30067.json +++ b/CVE-2022/CVE-2022-300xx/CVE-2022-30067.json @@ -2,8 +2,8 @@ "id": "CVE-2022-30067", "sourceIdentifier": "cve@mitre.org", "published": "2022-05-17T17:15:08.407", - "lastModified": "2022-05-26T00:04:00.743", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T17:15:07.577", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -106,6 +106,10 @@ "Issue Tracking", "Third Party Advisory" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00015.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-225xx/CVE-2023-22516.json b/CVE-2023/CVE-2023-225xx/CVE-2023-22516.json new file mode 100644 index 00000000000..88891eb7c0f --- /dev/null +++ b/CVE-2023/CVE-2023-225xx/CVE-2023-22516.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-22516", + "sourceIdentifier": "security@atlassian.com", + "published": "2023-11-21T18:15:07.910", + "lastModified": "2023-11-21T18:15:07.910", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.0, and 9.3.0 of Bamboo Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\r\n\r\nAtlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.7.\r\n JDK 1.8u121+ should be used in case Java 8 used to run Bamboo Data Center and Server. See Bamboo 9.2 Upgrade notes (https://confluence.atlassian.com/bambooreleases/bamboo-9-2-upgrade-notes-1207179212.html)\r\n\r\n Bamboo Data Center and Server 9.3: Upgrade to a release greater than or equal to 9.3.4\r\n\r\nSee the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).\r\n\r\nThis vulnerability was discovered by a private user and reported via our Bug Bounty program" + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@atlassian.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573", + "source": "security@atlassian.com" + }, + { + "url": "https://jira.atlassian.com/browse/BAM-25168", + "source": "security@atlassian.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-225xx/CVE-2023-22521.json b/CVE-2023/CVE-2023-225xx/CVE-2023-22521.json new file mode 100644 index 00000000000..f1d75bfd10d --- /dev/null +++ b/CVE-2023/CVE-2023-225xx/CVE-2023-22521.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-22521", + "sourceIdentifier": "security@atlassian.com", + "published": "2023-11-21T18:15:08.070", + "lastModified": "2023-11-21T18:15:08.070", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.6 of Crowd Data Center and Server.\r\n\r\nThis RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.0, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction.\r\n\r\nAtlassian recommends that Crowd Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:\r\n Crowd Data Center and Server 3.4: Upgrade to a release greater than or equal to 5.1.6\r\n Crowd Data Center and Server 5.2: Upgrade to a release greater than or equal to 5.2.1\r\n\r\nSee the release notes ([https://confluence.atlassian.com/crowd/crowd-release-notes-199094.html]). You can download the latest version of Crowd Data Center and Server from the download center ([https://www.atlassian.com/software/crowd/download-archive]).\r\n\r\nThis vulnerability was discovered by m1sn0w and reported via our Bug Bounty program" + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@atlassian.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1318881573", + "source": "security@atlassian.com" + }, + { + "url": "https://jira.atlassian.com/browse/CWD-6139", + "source": "security@atlassian.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28376.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28376.json index d42409960a5..5e5cf96b0b7 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28376.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28376.json @@ -2,16 +2,40 @@ "id": "CVE-2023-28376", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:21.793", - "lastModified": "2023-11-14T19:30:27.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:41:53.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access." + }, + { + "lang": "es", + "value": "La lectura fuera de los l\u00edmites en el firmware de Intel(R) E810 Ethernet Controllers and Adapters anteriores a la versi\u00f3n 1.7.1 puede permitir que un usuario no autenticado habilite potencialmente la denegaci\u00f3n de servicio a trav\u00e9s del acceso adyacente." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,211 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-2cqda2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "459854C3-D982-47E5-8E1D-72B732BD7A5C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-2cqda2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7DB31D15-0C95-4037-85FD-77B5964665A1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-cqda1_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "77C14DE6-4E3B-49AD-9F22-8F10D008FBC9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "87F3AB90-46C3-48DD-B0B4-4E036712ECCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-cqda1_for_ocp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "29F34B82-C7E7-49A3-8161-54B902A4C6B0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1_for_ocp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86F81244-F28E-416A-B3B6-7A1F79D8AC73" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-cqda1_for_ocp_3.0_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "65E2C711-5C67-422E-A2C7-DE6A4F720A22" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1_for_ocp_3.0:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F06D5B95-4DD0-4BEB-A32A-AAE300046670" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-cqda2_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "665AC27E-47C6-4FEE-89BF-B394FA7CF247" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D582770B-4CCD-43A4-B218-FFD9AE530A24" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-cqda2_for_ocp_3.0_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "FD7F8FB6-EBE0-4CBA-9BDE-3E398A1AF5EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2_for_ocp_3.0:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CA63976A-922C-4E50-8D69-D7F6A62AD31E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810-cqda2t_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.1", + "matchCriteriaId": "4600F6C7-8055-4834-8173-9FDB840268D7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2t:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66EDE48D-7049-4BBB-B24A-3CEA9BAA3B27" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00869.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-291xx/CVE-2023-29177.json b/CVE-2023/CVE-2023-291xx/CVE-2023-29177.json index 5155be04584..073bc5e2d7c 100644 --- a/CVE-2023/CVE-2023-291xx/CVE-2023-29177.json +++ b/CVE-2023/CVE-2023-291xx/CVE-2023-29177.json @@ -2,16 +2,40 @@ "id": "CVE-2023-29177", "sourceIdentifier": "psirt@fortinet.com", "published": "2023-11-14T19:15:24.337", - "lastModified": "2023-11-14T19:30:27.750", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T18:47:17.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Multiple buffer copy without checking size of input ('classic buffer overflow') vulnerabilities [CWE-120] in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests." + }, + { + "lang": "es", + "value": "Las vulnerabilidades de copia de b\u00fafer m\u00faltiple sin verificar el tama\u00f1o de entrada ('desbordamiento del b\u00fafer cl\u00e1sico') [CWE-120] en FortiADC versi\u00f3n 7.2.0 y anteriores a 7.1.2 y FortiDDoS-F versi\u00f3n 6.5.0 y anteriores a 6.4.1 permiten a un atacante privilegiado ejecutar c\u00f3digo o comandos arbitrarios a trav\u00e9s de solicitudes CLI espec\u00edficamente manipuladas." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@fortinet.com", "type": "Secondary", @@ -46,10 +70,111 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.1.0", + "versionEndIncluding": "7.1.2", + "matchCriteriaId": "8EE864BE-0405-485C-997E-072092F6BB5E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:5.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "20EC4BBC-C056-4B63-8D08-F1F6F77CED5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:5.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "F67FE569-A1C6-4592-B650-444C94C45A90" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:5.4.0:-:*:*:*:*:*:*", + "matchCriteriaId": "A3B866E2-9E6A-4F82-ABBC-800F87152FE4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:6.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "C61C6239-ACC1-4A3B-ABC4-B2C501148927" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:6.1.0:-:*:*:*:*:*:*", + "matchCriteriaId": "43DED0DD-E584-4ECF-8B0F-2FB8B3167889" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:6.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "63B95B99-89C8-4797-8FDA-2887596ADFED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:7.0.0:-:*:*:*:*:*:*", + "matchCriteriaId": "70AE3711-D7D8-49A3-981D-CD96F2497CB5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiadc:7.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "74B0A112-AA30-4D11-8F36-3DC8A2EBCA16" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.1.0", + "versionEndIncluding": "6.1.4", + "matchCriteriaId": "C7B816ED-6776-46CF-9F8C-B0A2CF3716F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.4.0", + "versionEndIncluding": "6.4.1", + "matchCriteriaId": "847C6FC1-DBCF-4803-BDDB-6E2C5B079ECD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiddos-f:6.2.0:-:*:*:*:*:*:*", + "matchCriteriaId": "4DD47EAD-BE0A-4E66-BAE6-BFECD8FBCC1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiddos-f:6.3.0:-:*:*:*:*:*:*", + "matchCriteriaId": "A702B46E-1BA1-4D57-BBC5-96B66DB83FAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fortinet:fortiddos-f:6.5.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0DB1731B-7799-408B-8F8C-F5ABFEA7A180" + } + ] + } + ] + } + ], "references": [ { "url": "https://fortiguard.com/psirt/FG-IR-23-064", - "source": "psirt@fortinet.com" + "source": "psirt@fortinet.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29504.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29504.json index d3dd6d4fbd9..b9cb38a3f10 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29504.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29504.json @@ -2,16 +2,40 @@ "id": "CVE-2023-29504", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:24.530", - "lastModified": "2023-11-14T19:30:24.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T18:34:22.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access." + }, + { + "lang": "es", + "value": "El elemento de ruta de b\u00fasqueda no controlado en algunos software Intel(R) RealSense(TM) Dynamic Calibration anteriores a la versi\u00f3n 2.13.1.0 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:realsense_d400_series_dynamic_calibration_tool:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.13.1.0", + "matchCriteriaId": "FE0B2806-7FF9-4FA2-AF79-0CC77BCCCD57" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00871.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31203.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31203.json index 6de94c1ef1c..855cd817998 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31203.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31203.json @@ -2,16 +2,40 @@ "id": "CVE-2023-31203", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:24.707", - "lastModified": "2023-11-14T19:30:24.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:54:07.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network access." + }, + { + "lang": "es", + "value": "La validaci\u00f3n de entrada incorrecta en algunos software OpenVINO Model Server anterior a la versi\u00f3n 2022.3 para la distribuci\u00f3n del kit de herramientas Intel Distribution de OpenVINO puede permitir que un usuario no autenticado habilite potencialmente la denegaci\u00f3n de servicio a trav\u00e9s del acceso a la red." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:openvino_model_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022.3", + "matchCriteriaId": "B2F46790-5633-4444-9C60-AAE9DD0A8DA9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00901.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32279.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32279.json index 486f1292b4d..77a0d2912b6 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32279.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32279.json @@ -2,16 +2,40 @@ "id": "CVE-2023-32279", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:25.480", - "lastModified": "2023-11-14T19:30:24.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:54:26.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access." + }, + { + "lang": "es", + "value": "El control de acceso inadecuado en el controlador del modo de usuario para Intel(R) Connectivity Performance Suite anteriores a la versi\u00f3n 2.1123.214.2 puede permitir que un usuario no autenticado habilite potencialmente la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso a la red." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:connectivity_performance_suite:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.1123.214.2", + "matchCriteriaId": "F126F42C-E3C9-40F7-BA9D-E4CA2548C6AA" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00944.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32283.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32283.json index 4977c20b128..a7877828942 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32283.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32283.json @@ -2,16 +2,40 @@ "id": "CVE-2023-32283", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:25.660", - "lastModified": "2023-11-14T19:30:24.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:54:43.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local access." + }, + { + "lang": "es", + "value": "La inserci\u00f3n de informaci\u00f3n confidencial en un archivo de registro en algunos software Intel(R) On Demand anterior a las versiones 1.16.2, 2.1.1, 3.1.0 puede permitir que un usuario autenticado potencialmente habilite la divulgaci\u00f3n de informaci\u00f3n a trav\u00e9s del acceso local." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:on_demand:1.16.1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "1618669D-0A0D-47E7-878E-C0142672B993" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:on_demand:2.1.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "CA9FFA36-3E1F-4928-8BB5-03EB2DD22761" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:on_demand:3.0.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "5AD16A51-B19B-4760-B89F-23F4E6A4E8A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00914.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32638.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32638.json index 6aa293e57a8..1a60e76cf2b 100644 --- a/CVE-2023/CVE-2023-326xx/CVE-2023-32638.json +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32638.json @@ -2,16 +2,40 @@ "id": "CVE-2023-32638", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:25.840", - "lastModified": "2023-11-14T19:30:24.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:54:57.823", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect default permissions in some Intel Arc RGB Controller software before version 1.06 may allow an authenticated user to potentially enable escalation of privilege via local access." + }, + { + "lang": "es", + "value": "Los permisos predeterminados incorrectos en algunos software Intel Arc RGB Controller anteriores a la versi\u00f3n 1.06 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:arc_rgb_controller:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.06", + "matchCriteriaId": "0F004AB5-8A42-4F28-9C06-3EB8C6AA4598" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00952.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-360xx/CVE-2023-36018.json b/CVE-2023/CVE-2023-360xx/CVE-2023-36018.json index 539c9baa871..43b10f8de82 100644 --- a/CVE-2023/CVE-2023-360xx/CVE-2023-36018.json +++ b/CVE-2023/CVE-2023-360xx/CVE-2023-36018.json @@ -2,16 +2,40 @@ "id": "CVE-2023-36018", "sourceIdentifier": "secure@microsoft.com", "published": "2023-11-14T18:15:31.413", - "lastModified": "2023-11-14T18:51:42.203", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T18:15:33.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Visual Studio Code Jupyter Extension Spoofing Vulnerability" + }, + { + "lang": "es", + "value": "Vulnerabilidad de suplantaci\u00f3n de identidad en la extensi\u00f3n Jupyter de Visual Studio Code." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "secure@microsoft.com", "type": "Secondary", @@ -34,10 +58,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:jupyter:*:*:*:*:*:visual_studio_code:*:*", + "versionEndExcluding": "2023.10.1100000000", + "matchCriteriaId": "D13971B8-BD06-484A-96B3-9A8A884FAE14" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36018", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38411.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38411.json index f69dee37f31..f14bdab1334 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38411.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38411.json @@ -2,16 +2,40 @@ "id": "CVE-2023-38411", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:29.150", - "lastModified": "2023-11-14T19:30:20.993", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T18:44:14.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access." + }, + { + "lang": "es", + "value": "Un control de acceso inadecuado en la aplicaci\u00f3n de Android, Intel Smart Campus anterior a la versi\u00f3n 9.4 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:smart_campus:*:*:*:*:*:android:*:*", + "versionEndExcluding": "9.4", + "matchCriteriaId": "592914B4-07DC-4B97-982D-E8D853B07017" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00863.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3812.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3812.json index b21af9309c3..c6c42165d42 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3812.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3812.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3812", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-24T16:15:13.337", - "lastModified": "2023-11-21T11:15:09.253", + "lastModified": "2023-11-21T17:15:07.663", "vulnStatus": "Modified", "descriptions": [ { @@ -138,10 +138,30 @@ "url": "https://access.redhat.com/errata/RHSA-2023:6813", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7370", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2023:7379", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7382", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7389", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7411", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7418", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3812", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-392xx/CVE-2023-39230.json b/CVE-2023/CVE-2023-392xx/CVE-2023-39230.json index 72ae1aa438b..2f23e302a9d 100644 --- a/CVE-2023/CVE-2023-392xx/CVE-2023-39230.json +++ b/CVE-2023/CVE-2023-392xx/CVE-2023-39230.json @@ -2,16 +2,40 @@ "id": "CVE-2023-39230", "sourceIdentifier": "secure@intel.com", "published": "2023-11-14T19:15:29.947", - "lastModified": "2023-11-14T19:30:20.993", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T18:50:21.977", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access." + }, + { + "lang": "es", + "value": "Los permisos heredados inseguros en algunos software Intel Rapid Storage Technology anteriores a la versi\u00f3n 16.8.5.1014.9 pueden permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + }, { "source": "secure@intel.com", "type": "Secondary", @@ -46,10 +80,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:rapid_storage_technology:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.8.5.1014.9", + "matchCriteriaId": "A34B5338-4F58-48BB-A6D8-90B9E0B50AB2" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00961.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3961.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3961.json index cac8053ead8..12b60a2ef80 100644 --- a/CVE-2023/CVE-2023-39xx/CVE-2023-3961.json +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3961.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3961", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-03T13:15:08.723", - "lastModified": "2023-11-13T18:48:45.780", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T18:15:08.227", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -167,6 +167,14 @@ "Third Party Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7371", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7408", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3961", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4004.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4004.json index 2e7fd74a579..f49813d2823 100644 --- a/CVE-2023/CVE-2023-40xx/CVE-2023-4004.json +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4004.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4004", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-31T17:15:10.203", - "lastModified": "2023-11-07T04:22:02.487", - "vulnStatus": "Modified", + "lastModified": "2023-11-21T17:15:07.873", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { @@ -202,6 +202,30 @@ "url": "https://access.redhat.com/errata/RHSA-2023:5627", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7382", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7389", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7411", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7417", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7431", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7434", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4004", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4091.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4091.json index e60d494b32e..395284470cb 100644 --- a/CVE-2023/CVE-2023-40xx/CVE-2023-4091.json +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4091.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4091", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-03T08:15:08.197", - "lastModified": "2023-11-13T17:52:24.593", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T18:15:08.623", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -167,6 +167,14 @@ "Third Party Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7371", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7408", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4091", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-41xx/CVE-2023-4147.json b/CVE-2023/CVE-2023-41xx/CVE-2023-4147.json index 0d9d5fa1fed..fe0b85a30cf 100644 --- a/CVE-2023/CVE-2023-41xx/CVE-2023-4147.json +++ b/CVE-2023/CVE-2023-41xx/CVE-2023-4147.json @@ -2,7 +2,7 @@ "id": "CVE-2023-4147", "sourceIdentifier": "secalert@redhat.com", "published": "2023-08-07T14:15:11.633", - "lastModified": "2023-11-07T04:22:11.063", + "lastModified": "2023-11-21T17:15:08.033", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 5.9 }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { @@ -210,6 +210,18 @@ "Third Party Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7382", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7389", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7411", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4147", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-426xx/CVE-2023-42669.json b/CVE-2023/CVE-2023-426xx/CVE-2023-42669.json index 498c4bbf59c..1d80b3d5982 100644 --- a/CVE-2023/CVE-2023-426xx/CVE-2023-42669.json +++ b/CVE-2023/CVE-2023-426xx/CVE-2023-42669.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42669", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-06T07:15:09.137", - "lastModified": "2023-11-14T18:20:56.677", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T18:15:08.343", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -178,6 +178,14 @@ "Third Party Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7371", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7408", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-42669", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-427xx/CVE-2023-42753.json b/CVE-2023/CVE-2023-427xx/CVE-2023-42753.json index 8418b65dd24..bc5d6863027 100644 --- a/CVE-2023/CVE-2023-427xx/CVE-2023-42753.json +++ b/CVE-2023/CVE-2023-427xx/CVE-2023-42753.json @@ -2,7 +2,7 @@ "id": "CVE-2023-42753", "sourceIdentifier": "secalert@redhat.com", "published": "2023-09-25T21:15:15.923", - "lastModified": "2023-11-21T11:15:09.420", + "lastModified": "2023-11-21T17:15:07.763", "vulnStatus": "Modified", "descriptions": [ { @@ -139,10 +139,30 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2023:7370", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2023:7379", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7382", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7389", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7411", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7418", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-42753", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45161.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45161.json index d88859b26fa..a0b804e5bbc 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45161.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45161.json @@ -2,12 +2,12 @@ "id": "CVE-2023-45161", "sourceIdentifier": "security@1e.com", "published": "2023-11-06T13:15:09.730", - "lastModified": "2023-11-14T17:54:06.743", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T18:15:08.443", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-URLResponseTime instruction to v20.1 by uploading it through the 1E Platform instruction upload UI" + "value": "The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-URLResponseTime instruction to v20.1 by uploading it through the 1E Platform instruction upload UI" }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-451xx/CVE-2023-45163.json b/CVE-2023/CVE-2023-451xx/CVE-2023-45163.json index 16038557eed..6369da1ee47 100644 --- a/CVE-2023/CVE-2023-451xx/CVE-2023-45163.json +++ b/CVE-2023/CVE-2023-451xx/CVE-2023-45163.json @@ -2,12 +2,12 @@ "id": "CVE-2023-45163", "sourceIdentifier": "security@1e.com", "published": "2023-11-06T13:15:09.807", - "lastModified": "2023-11-14T17:53:40.080", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T18:15:08.543", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "\nThe 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-CommandLinePing instruction to v18.1 by uploading it through the 1E Platform instruction upload UI\n\n" + "value": "\nThe 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.\n\nTo remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-CommandLinePing instruction to v18.1 by uploading it through the 1E Platform instruction upload UI\n\n" }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47662.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47662.json index eb7aa64db40..29ff7909ee6 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47662.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47662.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47662", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-14T00:15:07.743", - "lastModified": "2023-11-14T15:15:54.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:01:11.083", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:goldbroker:live_gold_price_\\&_silver_price_charts_widgets:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.4", + "matchCriteriaId": "14B9D71A-8ECC-4329-8A83-7AB370C1250A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/gold-price-chart-widget/wordpress-live-gold-price-silver-price-charts-widgets-plugin-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-476xx/CVE-2023-47673.json b/CVE-2023/CVE-2023-476xx/CVE-2023-47673.json index 302e47c986e..b80887a8deb 100644 --- a/CVE-2023/CVE-2023-476xx/CVE-2023-47673.json +++ b/CVE-2023/CVE-2023-476xx/CVE-2023-47673.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47673", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-14T00:15:08.140", - "lastModified": "2023-11-14T15:15:54.130", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-21T17:07:15.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -50,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:thecrowned:post_pay_counter:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.789", + "matchCriteriaId": "16C768A3-8592-4AB0-BA2B-C27C98108D62" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/post-pay-counter/wordpress-post-pay-counter-plugin-2-789-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4806.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4806.json index b6a960e30d7..869ce085af1 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4806.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4806.json @@ -2,7 +2,7 @@ "id": "CVE-2023-4806", "sourceIdentifier": "secalert@redhat.com", "published": "2023-09-18T17:15:55.813", - "lastModified": "2023-11-07T04:22:59.567", + "lastModified": "2023-11-21T18:15:08.727", "vulnStatus": "Modified", "descriptions": [ { @@ -37,7 +37,7 @@ "impactScore": 3.6 }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -70,7 +70,7 @@ ] }, { - "source": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "source": "secalert@redhat.com", "type": "Secondary", "description": [ { @@ -300,6 +300,10 @@ "Third Party Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7409", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4806", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4813.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4813.json index 7de98210c55..45418addf3b 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4813.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4813.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4813", "sourceIdentifier": "secalert@redhat.com", "published": "2023-09-12T22:15:08.277", - "lastModified": "2023-11-10T18:15:10.280", - "vulnStatus": "Modified", + "lastModified": "2023-11-21T18:15:08.873", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -196,6 +196,10 @@ "Third Party Advisory" ] }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7409", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4813", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5055.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5055.json new file mode 100644 index 00000000000..6568653b57f --- /dev/null +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5055.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-5055", + "sourceIdentifier": "vulnerabilities@zephyrproject.org", + "published": "2023-11-21T18:15:09.023", + "lastModified": "2023-11-21T18:15:09.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Possible variant of CVE-2021-3434 in function le_ecred_reconf_req." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vulnerabilities@zephyrproject.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "vulnerabilities@zephyrproject.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wr8r-7f8x-24jj", + "source": "vulnerabilities@zephyrproject.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json index 4552487a110..784ce581888 100644 --- a/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5178.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5178", "sourceIdentifier": "secalert@redhat.com", "published": "2023-11-01T17:15:11.920", - "lastModified": "2023-11-21T11:15:09.537", + "lastModified": "2023-11-21T18:15:09.220", "vulnStatus": "Modified", "descriptions": [ { @@ -149,10 +149,18 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2023:7370", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/errata/RHSA-2023:7379", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7418", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-5178", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5367.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5367.json index 756b0589a63..8ff80118f0d 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5367.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5367.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5367", "sourceIdentifier": "secalert@redhat.com", "published": "2023-10-25T20:15:18.323", - "lastModified": "2023-11-18T03:15:08.287", + "lastModified": "2023-11-21T17:15:08.180", "vulnStatus": "Undergoing Analysis", "descriptions": [ { @@ -173,6 +173,26 @@ "url": "https://access.redhat.com/errata/RHSA-2023:6808", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7373", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7388", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7405", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7428", + "source": "secalert@redhat.com" + }, + { + "url": "https://access.redhat.com/errata/RHSA-2023:7436", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-5367", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-53xx/CVE-2023-5380.json b/CVE-2023/CVE-2023-53xx/CVE-2023-5380.json index 62066c8edf7..4fa758d4719 100644 --- a/CVE-2023/CVE-2023-53xx/CVE-2023-5380.json +++ b/CVE-2023/CVE-2023-53xx/CVE-2023-5380.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5380", "sourceIdentifier": "secalert@redhat.com", "published": "2023-10-25T20:15:18.503", - "lastModified": "2023-11-18T03:15:08.443", + "lastModified": "2023-11-21T18:15:09.313", "vulnStatus": "Undergoing Analysis", "descriptions": [ { @@ -165,6 +165,10 @@ } ], "references": [ + { + "url": "https://access.redhat.com/errata/RHSA-2023:7428", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2023-5380", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5964.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5964.json index 759a48e6124..9b1b881d802 100644 --- a/CVE-2023/CVE-2023-59xx/CVE-2023-5964.json +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5964.json @@ -2,12 +2,12 @@ "id": "CVE-2023-5964", "sourceIdentifier": "security@1e.com", "published": "2023-11-06T13:15:10.187", - "lastModified": "2023-11-14T17:50:11.880", - "vulnStatus": "Analyzed", + "lastModified": "2023-11-21T18:15:09.550", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "\nThe 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions.\n\nTo remediate this issue DELETE the instruction\u00a0\u201cShow dialogue with caption %Caption% and message %Message%\u201d from the list of instructions in the Settings UI, and replace it with the new instruction\u00a01E-Exchange-ShowNotification instruction available in the updated End-User Interaction product pack. The new instruction should show as\u00a0\u201cShow %Type% type notification with header %Header% and message %Message%\u201d with a version of 7.1 or above." + "value": "\nThe 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack available on the 1E Exchange does not properly validate the Caption or Message parameters, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients.\n\nTo remediate this issue DELETE the instruction\u00a0\u201cShow dialogue with caption %Caption% and message %Message%\u201d from the list of instructions in the Settings UI, and replace it with the new instruction\u00a01E-Exchange-ShowNotification instruction available in the updated End-User Interaction product pack. The new instruction should show as\u00a0\u201cShow %Type% type notification with header %Header% and message %Message%\u201d with a version of 7.1 or above." }, { "lang": "es", diff --git a/README.md b/README.md index ed7ce916bf4..8bd29d1265b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-21T17:00:18.629034+00:00 +2023-11-21T19:00:18.107652+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-21T16:54:10.720000+00:00 +2023-11-21T18:50:21.977000+00:00 ``` ### Last Data Feed Release @@ -29,38 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -231219 +231224 ``` ### CVEs added in the last Commit -Recently added CVEs: `14` +Recently added CVEs: `5` -* [CVE-2023-46377](CVE-2023/CVE-2023-463xx/CVE-2023-46377.json) (`2023-11-21T16:15:42.713`) -* [CVE-2023-48124](CVE-2023/CVE-2023-481xx/CVE-2023-48124.json) (`2023-11-21T15:15:07.477`) -* [CVE-2023-49060](CVE-2023/CVE-2023-490xx/CVE-2023-49060.json) (`2023-11-21T15:15:07.560`) -* [CVE-2023-49061](CVE-2023/CVE-2023-490xx/CVE-2023-49061.json) (`2023-11-21T15:15:07.633`) -* [CVE-2023-6204](CVE-2023/CVE-2023-62xx/CVE-2023-6204.json) (`2023-11-21T15:15:07.687`) -* [CVE-2023-6205](CVE-2023/CVE-2023-62xx/CVE-2023-6205.json) (`2023-11-21T15:15:07.737`) -* [CVE-2023-6206](CVE-2023/CVE-2023-62xx/CVE-2023-6206.json) (`2023-11-21T15:15:07.787`) -* [CVE-2023-6207](CVE-2023/CVE-2023-62xx/CVE-2023-6207.json) (`2023-11-21T15:15:07.843`) -* [CVE-2023-6208](CVE-2023/CVE-2023-62xx/CVE-2023-6208.json) (`2023-11-21T15:15:07.900`) -* [CVE-2023-6209](CVE-2023/CVE-2023-62xx/CVE-2023-6209.json) (`2023-11-21T15:15:07.957`) -* [CVE-2023-6210](CVE-2023/CVE-2023-62xx/CVE-2023-6210.json) (`2023-11-21T15:15:08.010`) -* [CVE-2023-6211](CVE-2023/CVE-2023-62xx/CVE-2023-6211.json) (`2023-11-21T15:15:08.057`) -* [CVE-2023-6212](CVE-2023/CVE-2023-62xx/CVE-2023-6212.json) (`2023-11-21T15:15:08.110`) -* [CVE-2023-6213](CVE-2023/CVE-2023-62xx/CVE-2023-6213.json) (`2023-11-21T15:15:08.170`) +* [CVE-2021-27502](CVE-2021/CVE-2021-275xx/CVE-2021-27502.json) (`2023-11-21T18:15:07.510`) +* [CVE-2021-27504](CVE-2021/CVE-2021-275xx/CVE-2021-27504.json) (`2023-11-21T18:15:07.713`) +* [CVE-2023-22516](CVE-2023/CVE-2023-225xx/CVE-2023-22516.json) (`2023-11-21T18:15:07.910`) +* [CVE-2023-22521](CVE-2023/CVE-2023-225xx/CVE-2023-22521.json) (`2023-11-21T18:15:08.070`) +* [CVE-2023-5055](CVE-2023/CVE-2023-50xx/CVE-2023-5055.json) (`2023-11-21T18:15:09.023`) ### CVEs modified in the last Commit -Recently modified CVEs: `5` +Recently modified CVEs: `36` -* [CVE-2021-45450](CVE-2021/CVE-2021-454xx/CVE-2021-45450.json) (`2023-11-21T16:29:39.140`) -* [CVE-2023-6006](CVE-2023/CVE-2023-60xx/CVE-2023-6006.json) (`2023-11-21T16:12:34.167`) -* [CVE-2023-46316](CVE-2023/CVE-2023-463xx/CVE-2023-46316.json) (`2023-11-21T16:32:54.253`) -* [CVE-2023-45897](CVE-2023/CVE-2023-458xx/CVE-2023-45897.json) (`2023-11-21T16:33:02.183`) -* [CVE-2023-5678](CVE-2023/CVE-2023-56xx/CVE-2023-5678.json) (`2023-11-21T16:54:10.720`) +* [CVE-2023-3812](CVE-2023/CVE-2023-38xx/CVE-2023-3812.json) (`2023-11-21T17:15:07.663`) +* [CVE-2023-42753](CVE-2023/CVE-2023-427xx/CVE-2023-42753.json) (`2023-11-21T17:15:07.763`) +* [CVE-2023-4004](CVE-2023/CVE-2023-40xx/CVE-2023-4004.json) (`2023-11-21T17:15:07.873`) +* [CVE-2023-4147](CVE-2023/CVE-2023-41xx/CVE-2023-4147.json) (`2023-11-21T17:15:08.033`) +* [CVE-2023-5367](CVE-2023/CVE-2023-53xx/CVE-2023-5367.json) (`2023-11-21T17:15:08.180`) +* [CVE-2023-28376](CVE-2023/CVE-2023-283xx/CVE-2023-28376.json) (`2023-11-21T17:41:53.923`) +* [CVE-2023-31203](CVE-2023/CVE-2023-312xx/CVE-2023-31203.json) (`2023-11-21T17:54:07.040`) +* [CVE-2023-32279](CVE-2023/CVE-2023-322xx/CVE-2023-32279.json) (`2023-11-21T17:54:26.863`) +* [CVE-2023-32283](CVE-2023/CVE-2023-322xx/CVE-2023-32283.json) (`2023-11-21T17:54:43.380`) +* [CVE-2023-32638](CVE-2023/CVE-2023-326xx/CVE-2023-32638.json) (`2023-11-21T17:54:57.823`) +* [CVE-2023-3961](CVE-2023/CVE-2023-39xx/CVE-2023-3961.json) (`2023-11-21T18:15:08.227`) +* [CVE-2023-42669](CVE-2023/CVE-2023-426xx/CVE-2023-42669.json) (`2023-11-21T18:15:08.343`) +* [CVE-2023-45161](CVE-2023/CVE-2023-451xx/CVE-2023-45161.json) (`2023-11-21T18:15:08.443`) +* [CVE-2023-45163](CVE-2023/CVE-2023-451xx/CVE-2023-45163.json) (`2023-11-21T18:15:08.543`) +* [CVE-2023-4091](CVE-2023/CVE-2023-40xx/CVE-2023-4091.json) (`2023-11-21T18:15:08.623`) +* [CVE-2023-4806](CVE-2023/CVE-2023-48xx/CVE-2023-4806.json) (`2023-11-21T18:15:08.727`) +* [CVE-2023-4813](CVE-2023/CVE-2023-48xx/CVE-2023-4813.json) (`2023-11-21T18:15:08.873`) +* [CVE-2023-5178](CVE-2023/CVE-2023-51xx/CVE-2023-5178.json) (`2023-11-21T18:15:09.220`) +* [CVE-2023-5380](CVE-2023/CVE-2023-53xx/CVE-2023-5380.json) (`2023-11-21T18:15:09.313`) +* [CVE-2023-5964](CVE-2023/CVE-2023-59xx/CVE-2023-5964.json) (`2023-11-21T18:15:09.550`) +* [CVE-2023-36018](CVE-2023/CVE-2023-360xx/CVE-2023-36018.json) (`2023-11-21T18:15:33.700`) +* [CVE-2023-29504](CVE-2023/CVE-2023-295xx/CVE-2023-29504.json) (`2023-11-21T18:34:22.367`) +* [CVE-2023-38411](CVE-2023/CVE-2023-384xx/CVE-2023-38411.json) (`2023-11-21T18:44:14.920`) +* [CVE-2023-29177](CVE-2023/CVE-2023-291xx/CVE-2023-29177.json) (`2023-11-21T18:47:17.137`) +* [CVE-2023-39230](CVE-2023/CVE-2023-392xx/CVE-2023-39230.json) (`2023-11-21T18:50:21.977`) ## Download and Usage