admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-19 18:00:29.089126+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-19 18:00:32 +00:00
parent 26d63bc09e
commit 08dd8432ae
105 changed files with 2474 additions and 4279 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

751
CVE-2012/CVE-2012-64xx/CVE-2012-6497.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-6497",
"sourceIdentifier": "cve@mitre.org",
"published": "2013-01-04T04:46:02.993",
"lastModified": "2019-08-08T15:42:45.623",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:52:23.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -48,7 +48,7 @@
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "CWE-89"
}
]
}
@ -62,734 +62,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "49B9DD7F-DA3A-49C5-B2D4-8A8BD73C6FA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EB938651-C874-4427-AF9B-E9564B258633"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D59FAFB-5D48-4BD8-AD51-FF9A204E373D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FE23CCE1-1713-4813-A0AB-1E10DBDA4D12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "897109FF-2C37-458A-91A9-7407F3DFBC99"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "289B1633-AAF7-48BE-9A71-0577428EE531"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B947FD6D-CD0B-44EE-95B5-E513AF244905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3666B82-1880-4A43-900F-3656F3FB157A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE622F6D-AC7D-4D82-A33C-82C2CEFDB9B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C06D18BA-A0AB-461B-B498-2F1759CBF37D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "61EBE7E0-C474-43A7-85E3-093C754A253F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D7195418-A2E9-43E6-B29F-AEACC317E69E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "39485B13-3C71-4EC6-97CF-6C796650C5B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E2E16D8B-4FBD-4FB6-ABA8-B38ECA4D413F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.14.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A3B30A-65F0-4D63-9A09-B23E9FC8D550"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.14.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62323F62-AD04-4F43-A566-718DDB4149CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:0.14.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A8E890B1-4237-4470-939A-4FC489E04520"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "24F3B933-0F68-4F88-999C-0BE48BC88CF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E13DAEA-F118-4CB2-88A5-54E3327B6B9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BC33BF68-D887-4C67-8E8C-D2A6CD877FB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFCB88D-D946-4510-8DDC-67C32A606589"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E793287E-2BDA-4012-86F5-886B82510431"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DF706143-996C-4120-B620-3EDC977568DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "43E7F32B-C760-4862-B6DB-C38FB2A9182F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "FD68A034-73A2-4B1A-95DB-19AD3131F775"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E78C912-E8FF-495F-B922-43C54D1E2180"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "15B72C17-82C3-4930-9227-226C8E64C2E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FA59F311-B2B4-40EE-A878-64EF9F41581B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "035B47E9-A395-47D2-9164-A2A2CF878326"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BDA55D29-C830-45EF-A3B3-BFA9EED88F38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9356A6-D32A-487C-B743-1DA0D6C42FA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2B3C7616-8631-49AC-979C-4347067059AF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EC487B78-AAEA-4F0E-8C8B-F415013A381E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "50EEAFDA-7782-4E1E-9058-205AD4BE9A01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.0.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CAC748BB-BFC5-44F7-B633-CEEBB1279889"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "38CF2C31-70BB-41D3-9462-0A8B9869A5F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8584B37-7950-4C89-83D2-04E1ACDC60BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8CB26F65-5CFB-4BF8-BCC4-679327D4A8DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF12EA5D-5EB5-46A8-AC60-65B327D610AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87B4B121-94BD-4E0F-8860-6239890043B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "63CF211C-683E-4F7D-8C62-05B153AC1960"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "456A2F7E-CC66-48C4-B028-353D2976837A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1CDAFA-2AC6-4C46-9E65-0BE9127E770F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9806A84-2160-40EA-9960-AE7756CE4E0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "07EC67D4-3D0F-4FF9-8197-71175DCB2723"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D1467583-23E9-4E2B-982D-80A356174BB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC784C0-5618-4C32-8C17-BE7041656E14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB9ABB5-1F78-4CF0-BA82-7833E0F7A56E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AF3ED96F-3EA4-4E47-A559-9DF9A7D3DDE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3B38EAA4-E948-45A7-B6E5-7214F2B545E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6ECC8C49-5A46-4D23-81F9-8243F5D508DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:2.3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "312848C5-BA35-4A48-B66D-195A5E1CD00F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BE7DFE-BA20-434B-A1DE-AD038B255C60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*",
"matchCriteriaId": "DCEE5B21-C990-4705-8239-0D7B29DAEDA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "65EE33B1-B079-4CDE-B9C2-F1613A4610DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "5CAAA20B-824F-4448-99DC-9712FE628073"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "D2BEBDFB-0F30-454A-B74C-F820C9D2708B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*",
"matchCriteriaId": "1D7CD8C1-95D1-477E-AD96-6582EC33BA01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "B6F00D98-3D0F-40AF-AE4F-090B1E6B660C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9476CE55-69C0-45D3-B723-6F459C90BF05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*",
"matchCriteriaId": "486F5BA6-BCF7-4691-9754-19D364B4438D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "112FC73B-A8BC-4EEA-9F4B-CCE685EF2838"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*",
"matchCriteriaId": "E4498383-6FCA-4E17-A1FD-B0CE7EE50F85"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D26565B1-2BA6-4A3C-9264-7FC9A1820B59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "644EF85E-6D3E-4F5C-96B0-49AD2A2D90CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "392E2D58-CB39-4832-B4D9-9C2E23B8E14C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1F2466EA-7039-46A1-B4A3-8DACD1953A59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CAB4E72-0A15-4B26-9B69-074C278568D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A085E105-9375-440A-80CB-9B23E6D7EB4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*",
"matchCriteriaId": "25911E48-C5D7-4ED8-B4DB-7523A74CCF49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B29674E3-CC80-446B-9A43-82594AE7A058"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FF34D8CB-2B6D-4CB8-A206-108293BCFFE7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "272268EE-E3E8-4683-B679-55D748877A7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7B69FD33-61FE-4F10-BBE1-215F59035D30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "08D7CB5D-82EF-4A24-A792-938FAB40863D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8A044B21-47D5-468D-AF4A-06B3B5CC0824"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2196F3D0-532A-40F9-843A-1DFBC8B63FDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "CBEDA932-6CB5-438C-94E4-824732A91BE0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "903E5524-5E45-48CE-A804-EDAEBE3A79AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*",
"matchCriteriaId": "08534AF2-F94E-4FB6-A572-4FB9827276D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*",
"matchCriteriaId": "29E3B4A6-1346-4358-B7BC-84D00ED3ABBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*",
"matchCriteriaId": "B52D7A6B-DD93-45F0-9186-18ABEFF28DF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1F07C641-48DF-43BE-9EB5-72B337C54846"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A1CB1B12-99F5-430F-AE19-9A95C17FA123"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A7C449-8F9A-4CE5-9C3D-375996BFAEE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "05D5D58C-DB79-41EA-81AE-5D95C48211B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FE331D6D-99BA-4369-AD8B-B556DEE4955F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58304E17-ADFD-4686-9CCF-C1CA31843B94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.13:rc1:*:*:*:*:*:*",
"matchCriteriaId": "05108EF0-81AD-4378-9843-5C23F2AC79A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE7DA7E-23A5-42AF-9D5C-39240CE2FBDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0C448F62-8231-4221-ADA0-C9B848AE03D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5FBD11A1-51C7-4AF7-AA0B-3A14C5435E70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F884F2F4-94F3-46CB-860B-1BCC0EEF408A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "88DFBB48-1C29-4639-9369-F5B413CA2337"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "D37696D7-BEE6-4587-9E33-A7FE24780409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E95B5D44-0C8D-47BC-A89D-48A5BDEB84F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1DFDAF6A-76AA-436F-A4F3-DA69892DE2B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "D3172982-3FA4-427F-BE3E-2321D804E49D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "FD6EC85B-F092-48FF-966A-96B9227C8656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "9000F3C1-57A0-474C-9C82-E58688F29838"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*",
"matchCriteriaId": "6E55E42E-AB6A-4E47-AC69-DFDAEB0A8735"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A42F4E7A-6F6A-485C-8D30-95F3B0285922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "30B9C0CB-F6E6-4233-84E4-D6E69104DD73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "84309CC7-A8B7-4ADB-AEA1-964DA5F7B0E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "5343241F-274D-45FF-97C7-2BC2E920BAF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FED122B8-AF4C-4C48-B1E5-54F4A7A31A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "157ACCAD-0FB8-4CC9-9DFB-70835DE6506C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "3E50ACF6-7277-4C9A-B42A-E7EFDC317691"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C191DC2B-1EC3-48E0-A586-867E6EE4431C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA51263-6680-42C6-B119-8241D6F76206"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B4BC41E8-FEDA-4C31-B479-D49A59FC4D63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "09C20971-53B5-43B0-AC45-5AA0FDF1B054"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D1AEFA5D-A793-4BAB-8DED-3D3A31260AD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "496902D6-409A-40D9-849F-C41264BE5B04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2482AB3F-8303-4F95-BE04-C5F06EEF2015"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "244C6952-377C-4AF0-8BA2-C34516A3EB5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2816C02C-E13E-4367-91F3-14756A90EC9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E82AF7C7-B725-40EF-8EE3-18F8E7FAEB29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "1AE674DE-65DB-437E-A034-A2EE5C584B33"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0524F3E3-BAD7-4CD3-A6E7-74CFBE4B46E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "32EB2C3F-0F24-43DB-988E-BD2973598F71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EB32713D-FE64-445E-872E-B4678C243AB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E6B4A-2B9C-46C8-A739-109EA4BA7FD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "89C618DC-38BC-4484-8C41-BC38B7EB636B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "FE1EF01A-F358-45D3-ADA2-51DD1D8CB6E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2616BD-A4E8-42F3-BB5A-7517DC4EDA3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0E376782-98B0-4766-B6FC-67E032A00C62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96D08DC1-14E9-4DB9-BC95-3F73B454FBC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F365C9E5-27DC-46C3-AFE4-4876EC7B352B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0016A6-0ED6-443D-B969-CB1226D8E28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E69470EA-5EBC-4FB9-A722-5B61C70C1140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.2.9",
"matchCriteriaId": "B5798B6C-16BA-49B6-823C-881451A6C3BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04FDC63D-6ED7-48AE-9D72-6419F54D4B84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "DBF12B2F-39D9-48D5-9620-DF378D199295"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "22E1EAAF-7B49-498B-BFEB-357173824F4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1B9AD626-0AFA-4873-A701-C7716193A69C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF69F60A-E8D3-4A4D-BBB5-DE42A1402262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "986D2B30-FF07-498B-A5E0-A77BAB402619"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E3141A-162C-4674-BD7B-E1539BAA0B7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86E73F12-0551-42D2-ACC3-223C98B69C7E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D6BA0659-2287-4E95-B30D-2441CD96DA90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B01A4699-32D3-459E-B731-4240C8157F71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "224BD488-0D7E-4F8B-9012-DE872DEB544C"
"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.10",
"matchCriteriaId": "1E36D9DF-926C-4763-AD5F-367813F8EF80"
}
]
}
@ -806,18 +81,28 @@
},
{
"url": "http://openwall.com/lists/oss-security/2013/01/03/12",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://phenoelit.org/blog/archives/2012/12/21/let_me_github_that_for_you/index.html",
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/57084",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

1413
CVE-2013/CVE-2013-43xx/CVE-2013-4348.json
View File

File diff suppressed because it is too large Load Diff

288
CVE-2013/CVE-2013-43xx/CVE-2013-4389.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-4389",
"sourceIdentifier": "secalert@redhat.com",
"published": "2013-10-17T00:55:03.320",
"lastModified": "2019-08-08T15:42:42.873",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:52:10.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -62,233 +62,50 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3BE7DFE-BA20-434B-A1DE-AD038B255C60"
"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.2.15",
"matchCriteriaId": "393CE9B0-AD9B-4A51-AC58-CF10BF115251"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9476CE55-69C0-45D3-B723-6F459C90BF05"
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "112FC73B-A8BC-4EEA-9F4B-CCE685EF2838"
},
"criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D26565B1-2BA6-4A3C-9264-7FC9A1820B59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "392E2D58-CB39-4832-B4D9-9C2E23B8E14C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CAB4E72-0A15-4B26-9B69-074C278568D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2196F3D0-532A-40F9-843A-1DFBC8B63FDC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1F07C641-48DF-43BE-9EB5-72B337C54846"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A7C449-8F9A-4CE5-9C3D-375996BFAEE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "05D5D58C-DB79-41EA-81AE-5D95C48211B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "58304E17-ADFD-4686-9CCF-C1CA31843B94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "4EE7DA7E-23A5-42AF-9D5C-39240CE2FBDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0C448F62-8231-4221-ADA0-C9B848AE03D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5FBD11A1-51C7-4AF7-AA0B-3A14C5435E70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "60255706-C44A-48CB-B98B-A1F0991CBC74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "0456E2E8-EF06-414E-8A7D-8005F0EB46B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D9EE4763-2495-4B6A-B72F-344967E51C27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A42F4E7A-6F6A-485C-8D30-95F3B0285922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FED122B8-AF4C-4C48-B1E5-54F4A7A31A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C191DC2B-1EC3-48E0-A586-867E6EE4431C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3AA51263-6680-42C6-B119-8241D6F76206"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "09C20971-53B5-43B0-AC45-5AA0FDF1B054"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "496902D6-409A-40D9-849F-C41264BE5B04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2482AB3F-8303-4F95-BE04-C5F06EEF2015"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "244C6952-377C-4AF0-8BA2-C34516A3EB5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98A79CC5-71EC-4E90-9E99-2DF62ABC0122"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6562F3C3-D794-4107-95D4-1C0B0486940B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2816C02C-E13E-4367-91F3-14756A90EC9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0524F3E3-BAD7-4CD3-A6E7-74CFBE4B46E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "32EB2C3F-0F24-43DB-988E-BD2973598F71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C55E6B4A-2B9C-46C8-A739-109EA4BA7FD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2616BD-A4E8-42F3-BB5A-7517DC4EDA3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "96D08DC1-14E9-4DB9-BC95-3F73B454FBC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F365C9E5-27DC-46C3-AFE4-4876EC7B352B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6F0016A6-0ED6-443D-B969-CB1226D8E28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E69470EA-5EBC-4FB9-A722-5B61C70C1140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B13A8EBB-4211-4AB1-8872-244EEEE20ABD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C9AB2152-DED8-4CFD-B915-94A9F56FDD05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C630AB60-DBAF-421E-B663-492BAE8A180F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0F41CCF8-14EB-4327-A675-83BFDBB53196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:3.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "75842F7D-B1B1-48BA-858F-01148867B3AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "224BD488-0D7E-4F8B-9012-DE872DEB544C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:3.2.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A325F57E-0055-4279-9ED7-A26E75FC38E5"
"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
}
]
}
@ -298,28 +115,47 @@
"references": [
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2014/dsa-2887",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2014/dsa-2888",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ",
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Exploit"
]
}

1407
CVE-2013/CVE-2013-45xx/CVE-2013-4563.json
View File

File diff suppressed because it is too large Load Diff

33
CVE-2014/CVE-2014-26xx/CVE-2014-2672.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-2672",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-04-01T06:35:53.747",
"lastModified": "2020-08-27T17:05:37.383",
"lastModified": "2023-05-19T16:50:49.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -63,8 +63,37 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2",
"versionEndExcluding": "3.2.56",
"matchCriteriaId": "0D2B9685-650A-4324-957D-64C8DF52C942"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.4.92",
"matchCriteriaId": "AB7FAE85-A7F7-403F-B3F8-51D26A7AD5CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndExcluding": "3.10.42",
"matchCriteriaId": "2F7D3761-1031-4407-9D83-51387E0EFAE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.12.15",
"matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "3.13.7",
"matchCriteriaId": "D5D979C5-6EB3-436E-9207-26EC4335978D"
"matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207"
}
]
}

32
CVE-2014/CVE-2014-27xx/CVE-2014-2706.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-2706",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-04-14T23:55:07.700",
"lastModified": "2020-08-19T19:40:46.253",
"lastModified": "2023-05-19T16:50:46.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -63,8 +63,36 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.56",
"matchCriteriaId": "2A746AA8-CF9D-4203-BEE4-AA4662977375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.4.84",
"matchCriteriaId": "2869AF87-7E94-4E08-8EF9-8C62F663EC82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndExcluding": "3.10.34",
"matchCriteriaId": "67836467-8BEF-44A1-B031-98EFBA19F38C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.12.15",
"matchCriteriaId": "4AE2B033-586E-48AC-95DC-880018601DFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "3.13.7",
"matchCriteriaId": "D5D979C5-6EB3-436E-9207-26EC4335978D"
"matchCriteriaId": "B13865A2-6E9A-4FFE-A1C2-02B75D66C207"
}
]
}

49
CVE-2014/CVE-2014-50xx/CVE-2014-5077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-5077",
"sourceIdentifier": "secalert@redhat.com",
"published": "2014-08-01T11:13:09.507",
"lastModified": "2023-02-13T00:42:17.863",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:50:38.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,8 +63,44 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.15.8",
"matchCriteriaId": "4DCF4B0B-59B3-48E5-A3B7-D0E4FE606AF4"
"versionStartIncluding": "2.6.24",
"versionEndExcluding": "3.2.63",
"matchCriteriaId": "6B676747-1F46-4FE6-9A98-F0E01F35F9D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.4.103",
"matchCriteriaId": "DBB265C8-DADA-44DC-A0DC-161CCDAB6EDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndExcluding": "3.10.53",
"matchCriteriaId": "20AF0C16-3319-4384-BDFC-95F8D4764969"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.12.27",
"matchCriteriaId": "958A3619-3689-4544-8F01-6354F9883892"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "3.14.17",
"matchCriteriaId": "ABF3BDEA-4798-4715-94EE-48BCB7DC1287"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.15",
"versionEndExcluding": "3.15.10",
"matchCriteriaId": "FDF22CFE-2BCA-4178-9131-568ECF426054"
}
]
}
@ -154,7 +190,10 @@
"references": [
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1be9a950c646c9092fb3618197f7b6bfb50e82aa",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html",

106
CVE-2014/CVE-2014-64xx/CVE-2014-6418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-6418",
"sourceIdentifier": "cve@mitre.org",
"published": "2014-09-28T10:55:10.673",
"lastModified": "2014-10-24T07:28:06.730",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:50:32.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,18 +63,63 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.16.2",
"matchCriteriaId": "521B8B55-6ED0-4EC1-8AC1-9668D28527A5"
"versionEndExcluding": "3.2.64",
"matchCriteriaId": "AA01CABF-7DC1-47A4-B828-0B21B3813213"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3CFFCDFC-AE4F-47EE-B1DA-05A6865D1745"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.4.105",
"matchCriteriaId": "9E9E882D-EF97-446C-ADDB-EBE557228B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C610146-2E9B-43D3-A78F-26EDE1E918A3"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.5",
"versionEndExcluding": "3.10.55",
"matchCriteriaId": "093BBE75-4634-4D07-9EEB-7B7054AE3B6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.12.29",
"matchCriteriaId": "BBF71F21-E234-4CDD-87E7-D0F9ADDEFAD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.13",
"versionEndExcluding": "3.14.19",
"matchCriteriaId": "FC374559-3F85-41BF-A19D-10E2C20A83F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.15",
"versionEndExcluding": "3.16.3",
"matchCriteriaId": "ED968306-E23D-47D4-A2D0-533309AE355C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"
}
]
}
@ -86,19 +131,24 @@
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c27a3e4d667fdcad3db7b104f75659478e0c68d8",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Vendor Advisory"
]
},
{
"url": "http://tracker.ceph.com/issues/8979",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory"
]
},
{
"url": "http://tracker.ceph.com/issues/9561",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.16.3",
@ -110,33 +160,53 @@
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/09/15/7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2376-1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2377-1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2378-1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-2379-1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1142073",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/c27a3e4d667fdcad3db7b104f75659478e0c68d8",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Third Party Advisory"
]
}
]

330
CVE-2016/CVE-2016-07xx/CVE-2016-0753.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2016-0753",
"sourceIdentifier": "secalert@redhat.com",
"published": "2016-02-16T02:59:07.690",
"lastModified": "2019-08-08T15:43:52.230",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:36:58.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -69,7 +69,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -83,203 +83,72 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C310EA3E-399A-48FD-8DE9-6950E328CF23"
"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.1.14.1",
"matchCriteriaId": "368EF708-1502-4DC8-9374-724A6BF565DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "293B2998-5169-4960-BEC4-21DAC837E32B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB8D57F-9849-428C-B8E9-D0A1020728BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B0359DA8-6B41-46C5-AA95-41B1B366DD4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0965BDB6-9644-465C-AA32-9278B2D53197"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc2:*:*:*:*:*:*",
"matchCriteriaId": "7F6B15CF-37C1-4C9B-8457-4A8C9A480188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.2:rc3:*:*:*:*:*:*",
"matchCriteriaId": "072EB16D-1325-4869-B156-65E786A834C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "847B3C3D-8656-404D-A954-09C159EDC8E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65CA2D50-B33C-4088-BDDF-EB964C9A092C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CADB5989-5260-4F60-ACF2-BEB6D7F97654"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "509597D0-22E1-4BE8-95AD-C54FE4D15FA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "539C550D-FEDD-415E-95AE-40E1AE2BAF1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "59C5B869-74FC-4051-A103-A721332B3CF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "7C31EBD2-CD2D-4D38-AA51-A5A56487939A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "33FBD4E4-0BCD-49E1-BA84-86621B7C4556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "83D1EB17-EE67-48E5-B637-AA9A75D397F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A2B1711A-5541-412C-A5A0-274CEAB9E387"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C3AF00C3-93D9-4284-BCB9-40E42CB8386E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "709A19A5-8FD1-4F9C-A38C-F06242A94D68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "8104482C-E8F5-40A7-8B27-234FEF725FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2CFF8677-EA00-4F7E-BFF9-272482206DB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "8D7DF5CD-DA28-492D-B5EE-D252ECCC8D96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "85435026-9855-4BF4-A436-832628B005FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "56C2308F-A590-47B0-9791-7865D189196F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "9A266882-DABA-4A4C-88E6-60E993EE0947"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "83F1142C-3BFB-4B72-A033-81E20DB19D02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1FA738A1-227B-4665-B65E-666883FFAE96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "6F00718C-A9E8-4E85-8DA6-33BF11F2DCCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "10789A2D-6401-4119-BFBE-2EE4C16216D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "70ABD462-7142-4831-8EB6-801EC1D05573"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "81D717DB-7C80-48AA-A774-E291D2E75D6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06B357FB-0307-4EFA-9C5B-3C2CDEA48584"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E4BD8840-0F1C-49D3-B843-9CFE64948018"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79D5B492-43F9-470F-BD21-6EFD93E78453"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4EC1F602-D48C-458A-A063-4050BE3BB25F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F6A1C015-56AD-489C-B301-68CF1DBF1BEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "FD191625-ACE2-46B6-9AAD-12D682C732C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "02C7DB56-267B-4057-A9BA-36D1E58C6282"
"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.5.1",
"matchCriteriaId": "B405A97A-7C41-4005-8E72-56F632D72B9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "AF8F94CF-D504-4165-A69E-3F1198CB162A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
"matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:4.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "23FD6D82-9A14-4BD4-AA00-1875F0962ACE"
"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
"matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"
}
]
}
@ -289,55 +158,106 @@
"references": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178041.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178043.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178047.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178065.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178066.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00043.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2016-0296.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2016/dsa-3464",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2016/01/25/14",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/82247",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1034816",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/6jQVC1geukQ/3Iy0GU1ZEgAJ",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
}
]
}

12
CVE-2017/CVE-2017-179xx/CVE-2017-17916.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-17916",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-12-29T16:29:00.217",
"lastModified": "2018-01-10T15:16:23.140",
"lastModified": "2023-05-19T16:51:14.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.1.4",
"matchCriteriaId": "F46C1792-F008-4AF6-A46D-1E2B262EC13F"
"matchCriteriaId": "7808D558-05FB-404B-8E69-40EFE66BC057"
}
]
}

12
CVE-2017/CVE-2017-179xx/CVE-2017-17917.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-17917",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-12-29T16:29:00.263",
"lastModified": "2018-01-10T15:18:15.367",
"lastModified": "2023-05-19T16:48:35.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.1.4",
"matchCriteriaId": "F46C1792-F008-4AF6-A46D-1E2B262EC13F"
"matchCriteriaId": "7808D558-05FB-404B-8E69-40EFE66BC057"
}
]
}

24
CVE-2018/CVE-2018-38xx/CVE-2018-3873.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3873",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-09-21T14:29:00.270",
"lastModified": "2022-04-19T18:15:18.703",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:49:45.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,27 +15,29 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

24
CVE-2018/CVE-2018-38xx/CVE-2018-3875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3875",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-09-10T19:29:00.500",
"lastModified": "2022-04-19T18:15:18.827",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:49:55.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,27 +15,29 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

24
CVE-2018/CVE-2018-38xx/CVE-2018-3877.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3877",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-09-21T14:29:00.600",
"lastModified": "2022-04-19T18:15:18.963",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:49:58.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,27 +15,29 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

14
CVE-2018/CVE-2018-38xx/CVE-2018-3878.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3878",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-08-23T15:29:00.867",
"lastModified": "2022-04-19T18:15:19.027",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:50:10.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -35,7 +35,9 @@
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

14
CVE-2018/CVE-2018-38xx/CVE-2018-3879.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3879",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-08-23T15:29:00.990",
"lastModified": "2022-04-19T18:15:19.103",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:50:01.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -35,7 +35,9 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

14
CVE-2018/CVE-2018-38xx/CVE-2018-3880.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3880",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-08-23T22:29:00.573",
"lastModified": "2022-04-19T18:15:19.173",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:50:14.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -35,7 +35,9 @@
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

14
CVE-2018/CVE-2018-39xx/CVE-2018-3919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-3919",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2018-08-23T15:29:01.647",
"lastModified": "2022-04-19T18:15:22.317",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-19T16:50:21.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -35,7 +35,9 @@
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
}
],
"cvssMetricV30": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",

12
CVE-2021/CVE-2021-296xx/CVE-2021-29657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29657",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-22T17:15:09.470",
"lastModified": "2021-10-18T12:55:53.810",
"lastModified": "2023-05-19T16:51:04.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -89,8 +89,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10",
"versionEndExcluding": "5.10.28",
"matchCriteriaId": "EC50161C-1BB2-406D-8DA1-1A7F5F473581"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.11.12",
"matchCriteriaId": "CBDC4726-27F0-4829-95BC-4F9840FF23EC"
"matchCriteriaId": "4D2300F5-4A31-4893-A7E9-F2B13748BF38"
}
]
}

76
CVE-2022/CVE-2022-34xx/CVE-2022-3424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3424",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-06T23:15:10.853",
"lastModified": "2023-05-03T14:15:12.830",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:51:36.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -65,8 +65,59 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.33",
"versionEndExcluding": "4.9.337",
"matchCriteriaId": "06458313-3A6F-47E0-8BC4-51BC0D1C4BC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.303",
"matchCriteriaId": "1E7450AD-4739-46F0-B81B-C02E7B35A97B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.270",
"matchCriteriaId": "AE8904A3-99BE-4E49-9682-1F90A6373F4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.229",
"matchCriteriaId": "A0C0D95E-414A-445E-941B-3EF6A4D3A093"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.163",
"matchCriteriaId": "D05D31FC-BD74-4F9E-B1D8-9CED62BE6F65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.86",
"matchCriteriaId": "47237296-55D1-4ED4-8075-D00FC85A61EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.16",
"matchCriteriaId": "C720A569-3D93-4D77-95F6-E2B3A3267D9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.2",
"matchCriteriaId": "77239F4B-6BB2-4B9E-A654-36A52396116C"
}
]
}
@ -107,11 +158,19 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz@163.com/",
@ -123,7 +182,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230406-0005/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.spinics.net/lists/kernel/msg4518970.html",

12
CVE-2022/CVE-2022-403xx/CVE-2022-40302.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40302",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T12:16:27.423",
"lastModified": "2023-05-10T15:18:03.120",
"lastModified": "2023-05-19T17:54:22.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]

12
CVE-2022/CVE-2022-403xx/CVE-2022-40318.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-40318",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T12:16:27.800",
"lastModified": "2023-05-10T15:18:05.483",
"lastModified": "2023-05-19T17:54:40.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]

14
CVE-2022/CVE-2022-411xx/CVE-2022-41104.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41104",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-11-09T22:15:23.557",
"lastModified": "2023-05-09T17:15:09.413",
"lastModified": "2023-05-19T17:15:08.920",
"vulnStatus": "Modified",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",

14
CVE-2022/CVE-2022-411xx/CVE-2022-41128.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41128",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-11-09T22:15:25.453",
"lastModified": "2023-03-02T22:15:09.390",
"lastModified": "2023-05-19T17:15:09.007",
"vulnStatus": "Modified",
"cisaExploitAdd": "2022-11-08",
"cisaActionDue": "2022-12-09",
@ -11,7 +11,7 @@
"descriptions": [
{
"lang": "en",
"value": "Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41118."
"value": "Windows Scripting Languages Remote Code Execution Vulnerability"
}
],
"metrics": {
@ -154,15 +154,7 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41128",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.secpod.com/blog/microsoft-november-2022-patch-tuesday-patches-65-vulnerabilities-including-6-zero-days/",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41128",
"source": "secure@microsoft.com"
}
]

12
CVE-2022/CVE-2022-436xx/CVE-2022-43681.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-43681",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T12:16:30.070",
"lastModified": "2023-05-10T15:17:58.587",
"lastModified": "2023-05-19T17:54:28.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]

59
CVE-2022/CVE-2022-466xx/CVE-2022-46656.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46656",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:26.340",
"lastModified": "2023-05-10T14:38:31.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:02:48.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:nuc_pro_software_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0.3",
"matchCriteriaId": "A00BADD1-3CD6-4938-A9D3-9449FF21C92A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00834.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2022/CVE-2022-467xx/CVE-2022-46720.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-46720",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:15.787",
"lastModified": "2023-05-16T19:32:18.817",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:10.733",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. An app may be able to break out of its sandbox"
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2. An app may be able to break out of its sandbox"
}
],
"metrics": {

59
CVE-2022/CVE-2022-479xx/CVE-2022-47984.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-47984",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-19T16:15:10.800",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 243163."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/243163",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/6988153",
"source": "psirt@us.ibm.com"
}
]
}

55
CVE-2023/CVE-2023-19xx/CVE-2023-1996.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-1996",
"sourceIdentifier": "3DS.Information-Security@3ds.com",
"published": "2023-05-19T17:15:09.097",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-site Scripting (XSS) vulnerability in 3DEXPERIENCE R2018x through R2023x allows an attacker to execute arbitrary script code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "3DS.Information-Security@3ds.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "3DS.Information-Security@3ds.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.3ds.com/vulnerability/advisories",
"source": "3DS.Information-Security@3ds.com"
}
]
}

4
CVE-2023/CVE-2023-208xx/CVE-2023-20881.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20881",
"sourceIdentifier": "security@vmware.com",
"published": "2023-05-19T15:15:08.673",
"lastModified": "2023-05-19T15:15:08.673",
"vulnStatus": "Received",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-224xx/CVE-2023-22440.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22440",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:27.873",
"lastModified": "2023-05-10T14:38:31.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:03:00.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:setup_and_configuration_software:*:*:*:*:*:microsoft_system_center_configuration_manager:*:*",
"versionEndIncluding": "2.1.9",
"matchCriteriaId": "97E1AADE-975F-4BD8-9F88-8C62562F4507"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00832.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-224xx/CVE-2023-22447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22447",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:28.900",
"lastModified": "2023-05-10T14:38:31.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:03:17.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:open_cache_acceleration_software:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "22.6.2",
"matchCriteriaId": "830FC40B-2337-4046-AFD5-248B8E4C72A3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00827.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-228xx/CVE-2023-22878.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-22878",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-19T16:15:10.887",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244373",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/6988155",
"source": "psirt@us.ibm.com"
}
]
}

12
CVE-2023/CVE-2023-235xx/CVE-2023-23525.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23525",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.170",
"lastModified": "2023-05-12T05:15:16.660",
"lastModified": "2023-05-19T16:15:10.933",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to gain root privileges"
"value": "This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. An app may be able to gain root privileges"
}
],
"metrics": {
@ -85,6 +85,10 @@
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com",
@ -92,10 +96,6 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213675",
"source": "product-security@apple.com"
}
]
}

6
CVE-2023/CVE-2023-235xx/CVE-2023-23527.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23527",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.277",
"lastModified": "2023-05-11T06:55:42.527",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:10.990",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. A user may gain access to protected parts of the file system"
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Ventura 13.3, tvOS 16.4, macOS Monterey 12.6.4. A user may gain access to protected parts of the file system"
}
],
"metrics": {

6
CVE-2023/CVE-2023-235xx/CVE-2023-23532.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-23532",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.403",
"lastModified": "2023-05-18T21:15:09.290",
"lastModified": "2023-05-19T16:15:11.060",
"vulnStatus": "Modified",
"descriptions": [
{
@ -92,10 +92,6 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213765",
"source": "product-security@apple.com"
}
]
}

6
CVE-2023/CVE-2023-235xx/CVE-2023-23533.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23533",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.457",
"lastModified": "2023-05-11T17:16:13.243",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.140",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. An app may be able to modify protected parts of the file system"
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to modify protected parts of the file system"
}
],
"metrics": {

6
CVE-2023/CVE-2023-235xx/CVE-2023-23534.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23534",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.507",
"lastModified": "2023-05-11T06:54:31.520",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.207",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory"
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. Processing a maliciously crafted image may result in disclosure of process memory"
}
],
"metrics": {

6
CVE-2023/CVE-2023-235xx/CVE-2023-23535.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23535",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.567",
"lastModified": "2023-05-18T21:15:09.360",
"lastModified": "2023-05-19T16:15:11.263",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.6, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
}
],
"metrics": {
@ -159,7 +159,7 @@
]
},
{
"url": "https://support.apple.com/kb/HT213759",
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
}
]

12
CVE-2023/CVE-2023-235xx/CVE-2023-23536.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23536",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.630",
"lastModified": "2023-05-12T05:15:16.730",
"lastModified": "2023-05-19T16:15:11.323",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {
@ -100,6 +100,10 @@
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com",
@ -107,10 +111,6 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213675",
"source": "product-security@apple.com"
}
]
}

6
CVE-2023/CVE-2023-235xx/CVE-2023-23537.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23537",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.687",
"lastModified": "2023-05-11T06:56:28.023",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.397",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to read sensitive location information"
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, watchOS 9.4, macOS Ventura 13.3. An app may be able to read sensitive location information"
}
],
"metrics": {

6
CVE-2023/CVE-2023-235xx/CVE-2023-23540.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23540",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.797",
"lastModified": "2023-05-16T19:23:21.787",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.463",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {

6
CVE-2023/CVE-2023-235xx/CVE-2023-23542.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23542",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.923",
"lastModified": "2023-05-16T18:48:59.537",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.533",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to access user-sensitive data"
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to access user-sensitive data"
}
],
"metrics": {

6
CVE-2023/CVE-2023-235xx/CVE-2023-23543.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-23543",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.003",
"lastModified": "2023-05-16T14:09:57.577",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A sandboxed app may be able to determine which app is currently using the camera"
"value": "The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. A sandboxed app may be able to determine which app is currently using the camera"
}
],
"metrics": {

59
CVE-2023/CVE-2023-235xx/CVE-2023-23573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23573",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:29.840",
"lastModified": "2023-05-10T14:38:19.080",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:03:32.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unite:*:*:*:*:*:android:*:*",
"versionEndIncluding": "17",
"matchCriteriaId": "7EB13035-C87F-480A-9714-FF3511367A4B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00825.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-251xx/CVE-2023-25179.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25179",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:31.930",
"lastModified": "2023-05-10T14:38:37.273",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:03:42.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unite:*:*:*:*:*:android:*:*",
"versionEndIncluding": "17",
"matchCriteriaId": "7EB13035-C87F-480A-9714-FF3511367A4B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00825.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-257xx/CVE-2023-25772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25772",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:32.397",
"lastModified": "2023-05-10T14:38:25.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:02:29.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,49 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:retail_edge_program:*:*:*:*:*:android:*:*",
"versionEndExcluding": "3.0.301126",
"matchCriteriaId": "11BE1F3D-9368-4E7D-8D70-1DFC8ABBAE17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:retail_edge_program:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "3.4.7",
"matchCriteriaId": "AFED798C-0421-4A5B-92EA-5D0365D50F5B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00847.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

33
CVE-2023/CVE-2023-266xx/CVE-2023-26606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26606",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-26T23:15:10.883",
"lastModified": "2023-03-16T16:15:12.323",
"vulnStatus": "Modified",
"lastModified": "2023-05-19T16:51:10.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -55,8 +55,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C41207B8-D94A-4714-B1E0-66CEFF00FEE0"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionEndExcluding": "5.15.86",
"matchCriteriaId": "5200A423-605D-4010-B20B-9EEEB516EAB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.16",
"matchCriteriaId": "C720A569-3D93-4D77-95F6-E2B3A3267D9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndExcluding": "6.1.2",
"matchCriteriaId": "77239F4B-6BB2-4B9E-A654-36A52396116C"
}
]
}
@ -68,12 +84,17 @@
"url": "https://lkml.org/lkml/2023/2/20/860",
"source": "cve@mitre.org",
"tags": [
"Exploit"
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230316-0010/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-26xx/CVE-2023-2665.json Normal file
View File

@ -0,0 +1,115 @@
{
"id": "CVE-2023-2665",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-12T01:15:09.783",
"lastModified": "2023-05-19T17:12:43.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-922"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-921"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rosariosis:rosariosis:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.0",
"matchCriteriaId": "31CD218D-312D-41C8-95B7-4DB70C8801FC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/francoisjacquet/rosariosis/commit/09d5afaa6be07688ca1a7ac3b755b5438109e986",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/42f38a84-8954-484d-b5ff-706ca0918194",
"source": "security@huntr.dev",
"tags": [
"Permissions Required"
]
}
]
}

105
CVE-2023/CVE-2023-26xx/CVE-2023-2666.json Normal file
View File

@ -0,0 +1,105 @@
{
"id": "CVE-2023-2666",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-12T01:15:09.847",
"lastModified": "2023-05-19T17:12:58.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:froxlor:froxlor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.16",
"matchCriteriaId": "058420EC-EEB9-42C3-87E9-788EEF0500DE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/froxlor/froxlor/commit/1679675aa1c29d24344dd2e091ff252accb111d6",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/0bbdc9d4-d9dc-4490-93ef-0a83b451a20f",
"source": "security@huntr.dev",
"tags": [
"Permissions Required"
]
}
]
}

59
CVE-2023/CVE-2023-272xx/CVE-2023-27298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27298",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:32.563",
"lastModified": "2023-05-10T14:38:42.927",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:02:09.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:wake_up_latency_tracer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0",
"matchCriteriaId": "C7691F76-AF1B-4EEE-A2C9-2A8F599B4B55"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00853.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-273xx/CVE-2023-27382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27382",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:32.647",
"lastModified": "2023-05-10T14:38:31.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:01:56.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:nuc_p14e_laptop_element:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0.156",
"matchCriteriaId": "4402236B-7C16-4C36-A128-54DA2B3FEC34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00802.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-273xx/CVE-2023-27386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27386",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:32.740",
"lastModified": "2023-05-10T14:38:42.927",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:01:44.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,42 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:pathfinder_for_risc-v:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6E73FA25-6B58-4856-B704-D95ADA2F4F6F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00855.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-279xx/CVE-2023-27928.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27928",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.063",
"lastModified": "2023-05-16T12:58:24.477",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.663",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user\u2019s contacts"
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a user\u2019s contacts"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27929.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27929",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.130",
"lastModified": "2023-05-12T18:52:07.350",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.730",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, macOS Ventura 13.3. Processing a maliciously crafted image may result in disclosure of process memory"
}
],
"metrics": {

28
CVE-2023/CVE-2023-279xx/CVE-2023-27931.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27931",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.197",
"lastModified": "2023-05-12T19:10:07.780",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.793",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data"
"value": "This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.3, tvOS 16.4, watchOS 9.4, macOS Big Sur 11.7.3, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data"
}
],
"metrics": {
@ -89,6 +89,14 @@
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213603",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213604",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com",
@ -116,20 +124,6 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213603",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213604",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

13
CVE-2023/CVE-2023-279xx/CVE-2023-27932.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27932",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.247",
"lastModified": "2023-05-13T02:08:00.747",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.873",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy"
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. Processing maliciously crafted web content may bypass Same Origin Policy"
}
],
"metrics": {
@ -110,13 +110,6 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html",
"source": "product-security@apple.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-279xx/CVE-2023-27933.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27933",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.310",
"lastModified": "2023-05-13T02:12:33.147",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:11.960",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app with root privileges may be able to execute arbitrary code with kernel privileges"
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app with root privileges may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27935.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27935",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.423",
"lastModified": "2023-05-11T20:35:40.257",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.037",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution"
"value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27936.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27936",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.493",
"lastModified": "2023-05-11T20:36:01.177",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.117",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory"
"value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27937.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27937",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.550",
"lastModified": "2023-05-11T20:36:18.677",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.173",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution"
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27941.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27941",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.670",
"lastModified": "2023-05-12T05:15:17.837",
"lastModified": "2023-05-19T16:15:12.243",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to disclose kernel memory"
"value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Big Sur 11.7.5, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. An app may be able to disclose kernel memory"
}
],
"metrics": {
@ -94,7 +94,7 @@
]
},
{
"url": "https://support.apple.com/kb/HT213675",
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
}
]

12
CVE-2023/CVE-2023-279xx/CVE-2023-27942.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27942",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.733",
"lastModified": "2023-05-12T05:15:17.893",
"lastModified": "2023-05-19T16:15:12.313",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data"
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data"
}
],
"metrics": {
@ -112,6 +112,10 @@
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com",
@ -135,10 +139,6 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213675",
"source": "product-security@apple.com"
}
]
}

6
CVE-2023/CVE-2023-279xx/CVE-2023-27943.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27943",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.790",
"lastModified": "2023-05-12T19:05:15.243",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.387",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Files downloaded from the internet may not have the quarantine flag applied"
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Files downloaded from the internet may not have the quarantine flag applied"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27944.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27944",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.857",
"lastModified": "2023-05-13T01:54:28.363",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.463",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to break out of its sandbox"
"value": "This issue was addressed with a new entitlement. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to break out of its sandbox"
}
],
"metrics": {

8
CVE-2023/CVE-2023-279xx/CVE-2023-27945.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27945",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.930",
"lastModified": "2023-05-18T21:15:09.427",
"lastModified": "2023-05-19T16:15:12.550",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved entitlements. This issue is fixed in Xcode 14.3. A sandboxed app may be able to collect system logs"
"value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Monterey 12.6.6, Xcode 14.3, macOS Big Sur 11.7.7. A sandboxed app may be able to collect system logs"
}
],
"metrics": {
@ -73,11 +73,11 @@
]
},
{
"url": "https://support.apple.com/kb/HT213759",
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT213760",
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]

6
CVE-2023/CVE-2023-279xx/CVE-2023-27946.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27946",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.990",
"lastModified": "2023-05-13T01:17:44.847",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.620",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27949.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27949",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.043",
"lastModified": "2023-05-13T01:16:20.123",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.680",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27951.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27951",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.100",
"lastModified": "2023-05-13T02:20:41.660",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.783",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An archive may be able to bypass Gatekeeper"
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An archive may be able to bypass Gatekeeper"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27953.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27953",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.207",
"lastModified": "2023-05-12T18:47:57.807",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.850",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory"
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected system termination or corrupt kernel memory"
}
],
"metrics": {

14
CVE-2023/CVE-2023-279xx/CVE-2023-27954.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27954",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.267",
"lastModified": "2023-05-12T18:55:06.177",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.907",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information"
"value": "The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information"
}
],
"metrics": {
@ -125,14 +125,6 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00011.html",
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-279xx/CVE-2023-27955.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27955",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.317",
"lastModified": "2023-05-12T19:23:18.690",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:12.967",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to read arbitrary files"
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to read arbitrary files"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27956.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27956",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.383",
"lastModified": "2023-05-15T15:52:32.857",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.050",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
"value": "The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted image may result in disclosure of process memory"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27958.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27958",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.493",
"lastModified": "2023-05-13T01:19:47.873",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.123",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory"
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. A remote user may be able to cause unexpected system termination or corrupt kernel memory"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27961.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27961",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.663",
"lastModified": "2023-05-13T01:22:40.700",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.200",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. Importing a maliciously crafted calendar invitation may exfiltrate user information"
"value": "Multiple validation issues were addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. Importing a maliciously crafted calendar invitation may exfiltrate user information"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27962.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27962",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.717",
"lastModified": "2023-05-15T14:26:19.397",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.253",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to modify protected parts of the file system"
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to modify protected parts of the file system"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27963.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27963",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.773",
"lastModified": "2023-05-15T15:55:00.540",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.327",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A shortcut may be able to use sensitive data with certain actions without prompting the user"
"value": "The issue was addressed with additional permissions checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, watchOS 9.4, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. A shortcut may be able to use sensitive data with certain actions without prompting the user"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27965.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27965",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:18.833",
"lastModified": "2023-05-15T15:48:24.220",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.383",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privileges"
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Studio Display Firmware Update 16.4, macOS Ventura 13.3. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {

6
CVE-2023/CVE-2023-279xx/CVE-2023-27969.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-27969",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.053",
"lastModified": "2023-05-15T15:39:33.713",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.480",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {

6
CVE-2023/CVE-2023-281xx/CVE-2023-28178.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28178",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.163",
"lastModified": "2023-05-15T13:32:31.600",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.567",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. An app may be able to bypass Privacy preferences"
"value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. An app may be able to bypass Privacy preferences"
}
],
"metrics": {

8
CVE-2023/CVE-2023-281xx/CVE-2023-28181.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28181",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.273",
"lastModified": "2023-05-18T21:15:09.510",
"lastModified": "2023-05-19T16:15:13.653",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.7, macOS Ventura 13.3, tvOS 16.4, iOS 15.7.6 and iPadOS 15.7.6, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {
@ -118,11 +118,11 @@
]
},
{
"url": "https://support.apple.com/kb/HT213760",
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT213765",
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]

6
CVE-2023/CVE-2023-281xx/CVE-2023-28182.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28182",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.330",
"lastModified": "2023-05-15T15:43:22.657",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.720",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device"
"value": "The issue was addressed with improved authentication. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device"
}
],
"metrics": {

13
CVE-2023/CVE-2023-281xx/CVE-2023-28189.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28189",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.417",
"lastModified": "2023-05-13T01:26:10.197",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.793",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to view sensitive information"
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7.5, macOS Ventura 13.3. An app may be able to view sensitive information"
}
],
"metrics": {
@ -80,11 +80,8 @@
]
},
{
"url": "https://support.apple.com/kb/HT213675",
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
"url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com"
}
]
}

6
CVE-2023/CVE-2023-281xx/CVE-2023-28192.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28192",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.577",
"lastModified": "2023-05-13T01:30:19.673",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.857",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. An app may be able to read sensitive location information"
"value": "A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, macOS Ventura 13.3. An app may be able to read sensitive location information"
}
],
"metrics": {

6
CVE-2023/CVE-2023-282xx/CVE-2023-28200.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28200",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.687",
"lastModified": "2023-05-13T01:34:45.267",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.913",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory"
"value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Ventura 13.3. An app may be able to disclose kernel memory"
}
],
"metrics": {

6
CVE-2023/CVE-2023-282xx/CVE-2023-28201.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-28201",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.747",
"lastModified": "2023-05-15T13:24:38.233",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-19T16:15:13.973",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution"
"value": "This issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution"
}
],
"metrics": {

59
CVE-2023/CVE-2023-284xx/CVE-2023-28410.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28410",
"sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:33.037",
"lastModified": "2023-05-10T14:38:31.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:01:30.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:i915_graphics:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "6.2.10",
"matchCriteriaId": "90E07F2A-FE23-476D-97E1-415A7CC5C13B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00886.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-285xx/CVE-2023-28514.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28514",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-19T15:15:08.750",
"lastModified": "2023-05-19T15:15:08.750",
"vulnStatus": "Received",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

52
CVE-2023/CVE-2023-285xx/CVE-2023-28520.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28520",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-12T02:15:09.233",
"lastModified": "2023-05-12T14:22:01.923",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:13:10.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:planning_analytics_local:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E647C68C-3438-4635-BEBA-D6F5076DA50F"
}
]
}
]
}
],
"references": [
{
"url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/250454",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6986639",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-285xx/CVE-2023-28529.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-28529",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-19T16:15:14.057",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 251213."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/251213",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6988675",
"source": "psirt@us.ibm.com"
}
]
}

47
CVE-2023/CVE-2023-289xx/CVE-2023-28950.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-28950",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-19T16:15:14.163",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM MQ 8.0, 9.0, 9.1, 9.2, and 9.3 could disclose sensitive user information from a trace file if that functionality has been enabled. IBM X-Force ID: 251358."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.4,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251358",
"source": "psirt@us.ibm.com"
},
{
"url": "https://https://www.ibm.com/support/pages/node/6985837",
"source": "psirt@us.ibm.com"
}
]
}

88
CVE-2023/CVE-2023-28xx/CVE-2023-2814.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2814",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-19T17:15:09.163",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in SourceCodester Class Scheduling System 1.0. Affected is an unknown function of the file /admin/save_teacher.php of the component POST Parameter Handler. The manipulation of the argument Academic_Rank leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229428."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/jiy2020/bugReport/blob/main/XSS.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.229428",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.229428",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-28xx/CVE-2023-2815.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2815",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-19T17:15:09.233",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Online Jewelry Store 1.0. Affected by this vulnerability is an unknown functionality of the file supplier.php of the component POST Parameter Handler. The manipulation of the argument suppid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-229429 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/raozhir/CVERequest/blob/main/SQL.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.229429",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.229429",
"source": "cna@vuldb.com"
}
]
}

91
CVE-2023/CVE-2023-298xx/CVE-2023-29808.json Normal file
View File

@ -0,0 +1,91 @@
{
"id": "CVE-2023-29808",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T01:15:09.707",
"lastModified": "2023-05-19T17:12:12.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:companymaps_project:companymaps:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91294F52-7029-4053-9C68-7080B8F251F9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vogtmh/cmaps",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/zPrototype/CVE-2023-29808",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://packetstormsecurity.com/files/172145/Companymaps-8.0-Cross-Site-Scripting.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

100
CVE-2023/CVE-2023-298xx/CVE-2023-29809.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2023-29809",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-12T01:15:09.743",
"lastModified": "2023-05-19T17:12:20.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:companymaps_project:companymaps:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "91294F52-7029-4053-9C68-7080B8F251F9"
}
]
}
]
}
],
"references": [
{
"url": "http://companymaps.com",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "http://maximilian.com",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://packetstormsecurity.com/files/172146/Companymaps-8.0-SQL-Injection.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/51422",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

65
CVE-2023/CVE-2023-301xx/CVE-2023-30194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30194",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T20:15:09.767",
"lastModified": "2023-05-11T13:36:30.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-19T17:18:13.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prestashop:poststaticfooter:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "ECE268A8-6951-44D9-9EE6-15548D92C801"
}
]
}
]
}
],
"references": [
{
"url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/09/posstaticfooter.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://themeforest.net/user/posthemes/portfolio",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-301xx/CVE-2023-30199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30199",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-19T14:15:09.683",
"lastModified": "2023-05-19T14:15:09.683",
"vulnStatus": "Received",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-307xx/CVE-2023-30774.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30774",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-19T15:15:08.923",
"lastModified": "2023-05-19T15:15:08.923",
"vulnStatus": "Received",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-307xx/CVE-2023-30775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30775",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-19T15:15:08.980",
"lastModified": "2023-05-19T15:15:08.980",
"vulnStatus": "Received",
"lastModified": "2023-05-19T17:53:19.810",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-316xx/CVE-2023-31698.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31698",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.463",
"lastModified": "2023-05-17T17:00:54.967",
"lastModified": "2023-05-19T17:15:09.303",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -12,6 +12,10 @@
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/172462/Bludit-CMS-3.14.1-Cross-Site-Scripting.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/bludit/bludit/issues/1509",
"source": "cve@mitre.org"

Some files were not shown because too many files have changed in this diff Show More