admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-10T18:00:24.343146+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-10 20:00:27 +02:00
parent ca9878494a
commit 0c41c9fd3d
43 changed files with 8373 additions and 236 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
CVE-2022/CVE-2022-307xx/CVE-2022-30759.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2022-30759",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T21:15:09.147",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:46:11.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:one-nds:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20.9",
"matchCriteriaId": "0428582C-5A0B-4CFB-AA47-975517F2C5D5"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/171971/Nokia-OneNDS-20.9-Insecure-Permissions-Privilege-Escalation.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.nokia.com/networks/products/one-nds/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

2694
CVE-2022/CVE-2022-316xx/CVE-2022-31643.json
View File

File diff suppressed because it is too large Load Diff

59
CVE-2022/CVE-2022-419xx/CVE-2022-41985.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-41985",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-05-10T16:15:09.400",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability exists in the Authentication functionality of Weston Embedded uC-FTPs v 1.98.00. A specially crafted set of network packets can lead to authentication bypass and denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-303"
}
]
}
],
"references": [
{
"url": "https://github.com/weston-embedded/uC-FTPs/pull/1",
"source": "talos-cna@cisco.com"
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1680",
"source": "talos-cna@cisco.com"
}
]
}

57
CVE-2022/CVE-2022-45xx/CVE-2022-4568.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4568",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-05-01T15:15:09.160",
"lastModified": "2023-05-01T20:07:26.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T17:21:47.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:system_update:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.08.01.0005",
"matchCriteriaId": "EE6C7C81-EAE4-4566-9AB5-ECD045B5ED5A"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-103545",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2022/CVE-2022-463xx/CVE-2022-46377.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-46377",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-05-10T16:15:10.153",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no IP address argument is provided to the `PORT` command."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-823"
}
]
}
],
"references": [
{
"url": "https://github.com/weston-embedded/uC-FTPs/pull/2",
"source": "talos-cna@cisco.com"
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1681",
"source": "talos-cna@cisco.com"
}
]
}

59
CVE-2022/CVE-2022-463xx/CVE-2022-46378.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-46378",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-05-10T16:15:10.413",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no port argument is provided to the `PORT` command."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-823"
}
]
}
],
"references": [
{
"url": "https://github.com/weston-embedded/uC-FTPs/pull/2",
"source": "talos-cna@cisco.com"
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1681",
"source": "talos-cna@cisco.com"
}
]
}

82
CVE-2022/CVE-2022-484xx/CVE-2022-48482.json
View File

@ -2,23 +2,95 @@
"id": "CVE-2022-48482",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T05:15:27.407",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T17:11:08.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote attackers to read certain files via /Electron/download directory traversal. Files may have credentials, full backups, call recordings, and chat logs."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0.2.315",
"matchCriteriaId": "4880CCEA-9410-4708-AB16-6EA5FA1A8437"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.3cx.com/blog/change-log/phone-system-change-log/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

71
CVE-2022/CVE-2022-484xx/CVE-2022-48483.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2022-48483",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T05:15:28.057",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:53:31.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %WINDIR%\\system32 files via /Electron/download directory traversal in conjunction with a path component that has a drive letter and uses backslash characters. NOTE: this issue exists because of an incomplete fix for CVE-2022-28005."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.0.3.461",
"matchCriteriaId": "17EF5885-D9C8-496B-A610-211788AB1B3E"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@frycos/pwning-3cx-phone-management-backends-from-the-internet-d0096339dd88",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.3cx.com/blog/change-log/phone-system-change-log/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

55
CVE-2023/CVE-2023-00xx/CVE-2023-0007.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-0007",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-05-10T17:15:08.910",
"lastModified": "2023-05-10T17:15:08.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software on Panorama appliances enables an authenticated read-write administrator to store a JavaScript payload in the web interface that will execute in the context of another administrator\u2019s browser when viewed.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-80"
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0007",
"source": "psirt@paloaltonetworks.com"
}
]
}

55
CVE-2023/CVE-2023-00xx/CVE-2023-0008.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-0008",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-05-10T17:15:09.040",
"lastModified": "2023-05-10T17:15:09.040",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A file disclosure vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with access to the web interface to export local files from the firewall through a race condition.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-0008",
"source": "psirt@paloaltonetworks.com"
}
]
}

322
CVE-2023/CVE-2023-15xx/CVE-2023-1526.json
View File

@ -2,19 +2,333 @@
"id": "CVE-2023-1526",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-04-28T17:15:42.973",
"lastModified": "2023-04-28T17:43:00.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:47:44.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:designjet_z6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "jgr6_09_22_51.2",
"matchCriteriaId": "79275045-E680-4980-AE2E-E4B4FF2F9EF9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:designjet_z6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AC21A58-00BA-4EDF-9EF0-870AE44D218B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:designjet_z6dr_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "jgr6_09_22_51.2",
"matchCriteriaId": "D98922E6-9D13-499C-BD28-E6FE2BC60327"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:designjet_z6dr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9830F6D2-A1EF-48D9-A9FE-EF4F3CC37A9C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:designjet_z9_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "jgr9_09_22_51.2",
"matchCriteriaId": "DF1E5F8A-53F4-4575-B647-21FE43BD81D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:designjet_z9:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8876C93-02EA-4AB0-BD3E-E73C5293BD74"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:designjet_z9dr_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "jgr9_09_22_51.2",
"matchCriteriaId": "FBB204FE-BCF4-49E4-B86B-D8DAC3B65174"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:designjet_z9dr:-:*:*:*:*:*:*:*",
"matchCriteriaId": "944C8DAB-1262-4D78-943E-BE43FCA7AF86"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:designjet_z9\\+_pro_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5038AB0-6D73-4CC3-9790-82BADDBF48A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:designjet_z9\\+_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B5271B-CA09-45EB-BE82-5573E15BCB7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:pagewide_xl_4700:_firmware:-:*:*:*:*:*:*",
"matchCriteriaId": "9E35992F-797A-4210-AD84-B73119A8119D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:pagewide_xl_4700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7EFD29-61E5-44DD-BF9E-E7A94C7518D3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:pagewide_xl_4500:_firmware:-:*:*:*:*:*:*",
"matchCriteriaId": "59D4C8D4-634D-4328-BADA-586D0DB774B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:pagewide_xl_4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C79CA733-FC8F-409E-B7F5-17C62C352C07"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:pagewide_xl_4100:_firmware:-:*:*:*:*:*:*",
"matchCriteriaId": "F336F37C-C59F-48C4-884A-6EEFE2CEDBAE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:pagewide_xl_4100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8176BFFE-C208-4E5C-9D68-666A747D84B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:pagewide_xl_4600:_firmware:-:*:*:*:*:*:*",
"matchCriteriaId": "8D0C17BB-2F0F-4AD9-9C53-BE5F07D4817A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:pagewide_xl_4600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B438074-4FBD-4167-8B49-E632088108B1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hp:pagewide_xl_8000:_firmware:-:*:*:*:*:*:*",
"matchCriteriaId": "724920B8-F956-457F-9CBF-0F0620AC4630"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hp:pagewide_xl_8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9889CAC-98CE-48D8-B49B-BAB37CC8AFC2"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_7869666-7869691-16/hpsbpi03837",
"source": "hp-security-alert@hp.com"
"source": "hp-security-alert@hp.com",
"tags": [
"Vendor Advisory"
]
}
]
}

164
CVE-2023/CVE-2023-249xx/CVE-2023-24958.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24958",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-04T14:15:10.173",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:20:12.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,138 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3957-vec_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.51.0",
"versionEndExcluding": "8.51.2.12",
"matchCriteriaId": "B197CD8D-54E2-484B-8738-76023E622849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3957-vec_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.52.100.0",
"versionEndExcluding": "8.52.102.13",
"matchCriteriaId": "E066D44A-254C-411A-B1DD-4A5CDA4158CA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ibm:3957-vec:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA5AFD00-4476-4F6D-B94B-CC5DC0AFFA85"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3957-ved_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.51.0",
"versionEndExcluding": "8.51.2.12",
"matchCriteriaId": "980CFAB9-3673-4204-92C0-ED354DCAE690"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3957-ved_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.52.100.0",
"versionEndExcluding": "8.52.102.13",
"matchCriteriaId": "C14361A3-98BE-4EC9-8F7C-5B12613AA4B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3957-ved_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.52.200.0",
"versionEndExcluding": "8.52.200.111",
"matchCriteriaId": "25F7347A-BA05-4798-ABBC-8DEA7828DCFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3957-ved_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.53.0",
"versionEndExcluding": "8.53.0.63",
"matchCriteriaId": "1999ACE8-40C7-4D9E-837A-E53C44F7A6E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ibm:3957-ved:-:*:*:*:*:*:*:*",
"matchCriteriaId": "224332D9-31A8-4EF3-B675-29783295E98F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:3948-ved_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.53.0",
"versionEndIncluding": "8.53.0.63",
"matchCriteriaId": "D76A6F44-751C-49D0-8834-2369F7B7A285"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ibm:3948-ved:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B531AEEC-2838-4A21-92B4-90BA2D06D1BC"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/246320",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6980845",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-260xx/CVE-2023-26010.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26010",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-04T14:15:10.593",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:19:04.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmobile.app_project:wpmobile.app:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "11.19",
"matchCriteriaId": "341A09B9-2659-4E52-8B13-10A2764A4652"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wpappninja/wordpress-wpmobile-app-android-and-ios-mobile-application-plugin-11-18-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-260xx/CVE-2023-26012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26012",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-04T14:15:11.090",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:18:12.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:custom_login_page_project:custom_login_page:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "D0CE5D52-D87F-4E10-BE10-5619F2ABD2BB"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-custom-login-page/wordpress-custom-login-page-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-262xx/CVE-2023-26268.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26268",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-02T21:15:09.233",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:08:34.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.3",
"matchCriteriaId": "78AD8F98-C0F4-423D-875B-B34A8AEB82C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3.0",
"versionEndExcluding": "3.3.2",
"matchCriteriaId": "1969B512-C576-47F3-86A2-A916AC792508"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cloudant:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8349",
"matchCriteriaId": "CA26A222-7576-432C-915E-F1FC87AE4751"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.couchdb.org/en/stable/cve/2023-26268.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.apache.org/thread/ldkqs0nhpmho26bdxf4fon7w75hsq5gl",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.apache.org/thread/r2wvjfysg3d92lhhjd1qh3wfr8mlp0pp",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

59
CVE-2023/CVE-2023-26xx/CVE-2023-2629.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2629",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-10T16:15:10.660",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository pimcore/customer-data-framework prior to 3.3.9."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/customer-data-framework/commit/4e0105c3a78d20686a0c010faef27d2297b98803",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/821ff465-4754-42d1-9376-813c17f16a01",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-26xx/CVE-2023-2630.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2630",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-10T16:15:11.157",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.21."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/7e32cc28145274ddfc30fb791012d26c1278bd38",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/e1001870-b8d8-4921-8b9c-bbdfb1a1491e",
"source": "security@huntr.dev"
}
]
}

78
CVE-2023/CVE-2023-278xx/CVE-2023-27892.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27892",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T21:15:09.337",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:07:16.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.2
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:shapeshift:keepkey_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5.2",
"versionEndExcluding": "7.7.0",
"matchCriteriaId": "A1C9272A-8363-487C-909D-4D7E7A1929D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:shapeshift:keepkey:-:*:*:*:*:*:*:*",
"matchCriteriaId": "663CE48F-F657-40AA-8954-EADA31C9DFB1"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.inhq.net/posts/keepkey-CVE-2023-27892/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/keepkey/keepkey-firmware/pull/337",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

3182
CVE-2023/CVE-2023-290xx/CVE-2023-29057.json
View File

File diff suppressed because it is too large Load Diff

65
CVE-2023/CVE-2023-298xx/CVE-2023-29827.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-29827",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T14:15:11.363",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:17:45.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ejs:ejs:3.1.9:*:*:*:*:node.js:*:*",
"matchCriteriaId": "E8921287-EB45-45B3-AFF2-93475E23B503"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mde/ejs/issues/720",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

80
CVE-2023/CVE-2023-298xx/CVE-2023-29856.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-29856",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T15:15:23.697",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T17:26:57.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-868l_firmware:1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E12017CD-9CA6-436F-8749-42A0C0422F05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-868l:a1:*:*:*:*:*:*:*",
"matchCriteriaId": "0D8A8303-F830-477F-8944-F1149A0CD521"
}
]
}
]
}
],
"references": [
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10325",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-298xx/CVE-2023-29867.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-29867",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T16:15:08.923",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T17:26:40.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zammad:zammad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.0",
"versionEndExcluding": "5.4.0",
"matchCriteriaId": "3045D03D-6898-46CE-B824-63371B30D621"
}
]
}
]
}
],
"references": [
{
"url": "https://zammad.com/en/advisories/zaa-2023-02",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-299xx/CVE-2023-29994.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29994",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T17:15:13.577",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:03:43.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emqx:nanomq:0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4383F876-3079-4AC1-A4A9-AE5719B1A077"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/emqx/nanomq/issues/1042",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

92
CVE-2023/CVE-2023-300xx/CVE-2023-30024.json
View File

@ -2,31 +2,109 @@
"id": "CVE-2023-30024",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T13:15:13.920",
"lastModified": "2023-04-28T14:11:00.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:12:16.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability found in MagicJack A921 USB Phone Jack Rev 3.0 v.1.4 allows a physically proximate attacker to escalate privileges and gain access to sensitive information via the NAND flash memory."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:magicjack:a921_firmware:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F592B448-BD06-4720-A6E9-316E461F359D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:magicjack:a921:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0660D42E-A7E4-431C-92AB-518DA02DE191"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/drive/folders/1cKd8hksThK610GPtBQ3du8DEkwKywlAi?usp=sharing",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://pastebin.com/raw/irWcawp8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://samuraisecurity.co.uk/red-teaming-0x01-click-rce-via-voip-usb/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
},
{
"url": "https://www.magicjack.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

24
CVE-2023/CVE-2023-303xx/CVE-2023-30351.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30351",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:11.497",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for root which is stored using weak encryption. This vulnerability allows attackers to connect to the TELNET service (or UART) by using the exposed credentials."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_PRA.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_RRA.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-303xx/CVE-2023-30352.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30352",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:11.690",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_RTSPa.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-303xx/CVE-2023-30353.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30353",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:11.860",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_uRCE.md",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-303xx/CVE-2023-30354.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30354",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.017",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be inserted for console access."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_NCD.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_PBA.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-303xx/CVE-2023-30356.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30356",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.187",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing Support for an Integrity Check in Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows attackers to update the device with crafted firmware"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/SECloudUNIMORE/ACES/blob/master/Tenda/CP3/tmp_MU.md",
"source": "cve@mitre.org"
}
]
}

80
CVE-2023/CVE-2023-304xx/CVE-2023-30403.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-30403",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-02T20:15:10.880",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:47:26.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:aigital:wireless-n_repeater_mini_router_firmware:0.131229:*:*:*:*:*:*:*",
"matchCriteriaId": "98062FCB-6507-4EDF-8445-6331EB735BBC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:aigital:wireless-n_repeater_mini_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F57200-B5E5-482B-908F-B715109893B1"
}
]
}
]
}
],
"references": [
{
"url": "https://dl.packetstormsecurity.net/2305-exploits/aigitalwnr-bypass.txt",
"source": "cve@mitre.org"
},
{
"url": "https://mandomat.github.io/2023-04-13-testing-a-cheap-wifi-repeater/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-306xx/CVE-2023-30619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30619",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-04T14:15:11.663",
"lastModified": "2023-05-04T18:45:32.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:15:47.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:enalean:tuleap:*:*:*:*:community:*:*:*",
"versionStartIncluding": "14.7.99.76",
"versionEndExcluding": "14.7.99.143",
"matchCriteriaId": "413A17BF-37CE-413F-9FC3-62728A0713F7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Enalean/tuleap/commit/fdc93a736cbccad05de16ff0cc7cc3ef18dc93df",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-7fm3-cr3g-5922",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=fdc93a736cbccad05de16ff0cc7cc3ef18dc93df",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://tuleap.net/plugins/tracker/?aid=31586",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-308xx/CVE-2023-30853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30853",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-28T16:15:10.127",
"lastModified": "2023-04-28T17:06:22.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T17:04:52.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradle:build_action:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.2",
"matchCriteriaId": "DF234E1A-9C17-407C-B5DE-703690D148F8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gradle/gradle-build-action/releases/tag/v2.4.2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/gradle/gradle-build-action/security/advisories/GHSA-h3qr-39j9-4r5v",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-308xx/CVE-2023-30856.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30856",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-28T16:15:10.260",
"lastModified": "2023-04-28T17:06:22.820",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:48:45.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-346"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,18 +80,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:edex-ui_project:edex-ui:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.2.8",
"matchCriteriaId": "86B052F3-CD9C-401F-BCDA-7BB1E037CE35"
}
]
}
]
}
],
"references": [
{
"url": "https://christian-schneider.net/CrossSiteWebSocketHijacking.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/GitSquared/edex-ui/blob/04a00c4079908788b371c6ecdefff96d0d9950f8/src/classes/terminal.class.js#L458",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/GitSquared/edex-ui/security/advisories/GHSA-q8xc-f2wf-ffh9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-309xx/CVE-2023-30943.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-30943",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-05-02T20:15:10.943",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:45:38.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
},
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
@ -23,18 +56,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "B4455906-4C25-43E1-BC53-EAAB4A535AB2"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9C7598-4BB4-442A-86DF-EEDE041A4CC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77718",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Patch"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188605",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=446285",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-309xx/CVE-2023-30944.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-30944",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-05-02T20:15:11.013",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-10T16:45:56.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "patrick@puiterwijk.org",
"type": "Secondary",
@ -23,18 +56,100 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.21",
"matchCriteriaId": "301CA8E4-1D63-49BE-B932-82AE0BFB5B6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11.0",
"versionEndExcluding": "3.11.14",
"matchCriteriaId": "85F0F625-B52F-4C54-AB89-1F96A9C61867"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.8",
"matchCriteriaId": "FB2B955B-4545-4A4E-AF10-A15D40B1EAA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0",
"versionEndExcluding": "4.1.3",
"matchCriteriaId": "B4455906-4C25-43E1-BC53-EAAB4A535AB2"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D9C7598-4BB4-442A-86DF-EEDE041A4CC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77187",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Patch"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188606",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=446286",
"source": "patrick@puiterwijk.org"
"source": "patrick@puiterwijk.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31554.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31554",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.263",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readPageLabelTree2(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS)."
}
],
"metrics": {},
"references": [
{
"url": "https://forum.xpdfreader.com/viewtopic.php?t=42421",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31555.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31555",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.317",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/podofo/podofo/issues/67",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31556.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31556",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.367",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/podofo/podofo/issues/66",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31557.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31557",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.427",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "xpdf pdfimages v4.04 was discovered to contain a stack overflow in the component Catalog::readEmbeddedFileTree(Object*). This vulnerability allows attackers to cause a Denial of Service (DoS)."
}
],
"metrics": {},
"references": [
{
"url": "https://forum.xpdfreader.com/viewtopic.php?t=42422&sid=acb8ed31bbd74223e3c4d0fb2552c748",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31566.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31566",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.567",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted()."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/podofo/podofo/issues/70",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31567.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31567",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.720",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/podofo/podofo/issues/71",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-315xx/CVE-2023-31568.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31568",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T16:15:12.810",
"lastModified": "2023-05-10T17:06:24.873",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/podofo/podofo/issues/72",
"source": "cve@mitre.org"
}
]
}

172
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-10T16:00:24.757312+00:00
2023-05-10T18:00:24.343146+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-10T15:37:47.167000+00:00
2023-05-10T17:26:57.547000+00:00
```
### Last Data Feed Release
@ -29,139 +29,61 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214823
214842
```
### CVEs added in the last Commit
Recently added CVEs: `99`
Recently added CVEs: `19`
* [CVE-2022-21162](CVE-2022/CVE-2022-211xx/CVE-2022-21162.json) (`2023-05-10T14:15:10.603`)
* [CVE-2022-21239](CVE-2022/CVE-2022-212xx/CVE-2022-21239.json) (`2023-05-10T14:15:10.920`)
* [CVE-2022-21804](CVE-2022/CVE-2022-218xx/CVE-2022-21804.json) (`2023-05-10T14:15:11.010`)
* [CVE-2022-25976](CVE-2022/CVE-2022-259xx/CVE-2022-25976.json) (`2023-05-10T14:15:11.097`)
* [CVE-2022-27180](CVE-2022/CVE-2022-271xx/CVE-2022-27180.json) (`2023-05-10T14:15:11.187`)
* [CVE-2022-28699](CVE-2022/CVE-2022-286xx/CVE-2022-28699.json) (`2023-05-10T14:15:11.267`)
* [CVE-2022-29508](CVE-2022/CVE-2022-295xx/CVE-2022-29508.json) (`2023-05-10T14:15:11.350`)
* [CVE-2022-29919](CVE-2022/CVE-2022-299xx/CVE-2022-29919.json) (`2023-05-10T14:15:11.480`)
* [CVE-2022-30338](CVE-2022/CVE-2022-303xx/CVE-2022-30338.json) (`2023-05-10T14:15:11.573`)
* [CVE-2022-31477](CVE-2022/CVE-2022-314xx/CVE-2022-31477.json) (`2023-05-10T14:15:11.667`)
* [CVE-2022-32576](CVE-2022/CVE-2022-325xx/CVE-2022-32576.json) (`2023-05-10T14:15:11.760`)
* [CVE-2022-32577](CVE-2022/CVE-2022-325xx/CVE-2022-32577.json) (`2023-05-10T14:15:11.837`)
* [CVE-2022-32578](CVE-2022/CVE-2022-325xx/CVE-2022-32578.json) (`2023-05-10T14:15:11.970`)
* [CVE-2022-32582](CVE-2022/CVE-2022-325xx/CVE-2022-32582.json) (`2023-05-10T14:15:12.113`)
* [CVE-2022-32766](CVE-2022/CVE-2022-327xx/CVE-2022-32766.json) (`2023-05-10T14:15:12.440`)
* [CVE-2022-33894](CVE-2022/CVE-2022-338xx/CVE-2022-33894.json) (`2023-05-10T14:15:12.630`)
* [CVE-2022-33963](CVE-2022/CVE-2022-339xx/CVE-2022-33963.json) (`2023-05-10T14:15:12.783`)
* [CVE-2022-34147](CVE-2022/CVE-2022-341xx/CVE-2022-34147.json) (`2023-05-10T14:15:12.977`)
* [CVE-2022-34848](CVE-2022/CVE-2022-348xx/CVE-2022-34848.json) (`2023-05-10T14:15:13.147`)
* [CVE-2022-34855](CVE-2022/CVE-2022-348xx/CVE-2022-34855.json) (`2023-05-10T14:15:13.243`)
* [CVE-2022-36339](CVE-2022/CVE-2022-363xx/CVE-2022-36339.json) (`2023-05-10T14:15:13.343`)
* [CVE-2022-36391](CVE-2022/CVE-2022-363xx/CVE-2022-36391.json) (`2023-05-10T14:15:13.440`)
* [CVE-2022-37327](CVE-2022/CVE-2022-373xx/CVE-2022-37327.json) (`2023-05-10T14:15:13.553`)
* [CVE-2022-37409](CVE-2022/CVE-2022-374xx/CVE-2022-37409.json) (`2023-05-10T14:15:13.647`)
* [CVE-2022-38087](CVE-2022/CVE-2022-380xx/CVE-2022-38087.json) (`2023-05-10T14:15:13.740`)
* [CVE-2022-38101](CVE-2022/CVE-2022-381xx/CVE-2022-38101.json) (`2023-05-10T14:15:13.833`)
* [CVE-2022-38103](CVE-2022/CVE-2022-381xx/CVE-2022-38103.json) (`2023-05-10T14:15:13.923`)
* [CVE-2022-38787](CVE-2022/CVE-2022-387xx/CVE-2022-38787.json) (`2023-05-10T14:15:14.017`)
* [CVE-2022-40207](CVE-2022/CVE-2022-402xx/CVE-2022-40207.json) (`2023-05-10T14:15:14.133`)
* [CVE-2022-40210](CVE-2022/CVE-2022-402xx/CVE-2022-40210.json) (`2023-05-10T14:15:14.267`)
* [CVE-2022-40685](CVE-2022/CVE-2022-406xx/CVE-2022-40685.json) (`2023-05-10T14:15:14.623`)
* [CVE-2022-40971](CVE-2022/CVE-2022-409xx/CVE-2022-40971.json) (`2023-05-10T14:15:14.987`)
* [CVE-2022-40972](CVE-2022/CVE-2022-409xx/CVE-2022-40972.json) (`2023-05-10T14:15:15.373`)
* [CVE-2022-40974](CVE-2022/CVE-2022-409xx/CVE-2022-40974.json) (`2023-05-10T14:15:15.933`)
* [CVE-2022-41610](CVE-2022/CVE-2022-416xx/CVE-2022-41610.json) (`2023-05-10T14:15:16.370`)
* [CVE-2022-41621](CVE-2022/CVE-2022-416xx/CVE-2022-41621.json) (`2023-05-10T14:15:16.763`)
* [CVE-2022-41628](CVE-2022/CVE-2022-416xx/CVE-2022-41628.json) (`2023-05-10T14:15:17.127`)
* [CVE-2022-41646](CVE-2022/CVE-2022-416xx/CVE-2022-41646.json) (`2023-05-10T14:15:17.533`)
* [CVE-2022-41658](CVE-2022/CVE-2022-416xx/CVE-2022-41658.json) (`2023-05-10T14:15:18.097`)
* [CVE-2022-41687](CVE-2022/CVE-2022-416xx/CVE-2022-41687.json) (`2023-05-10T14:15:18.417`)
* [CVE-2022-41690](CVE-2022/CVE-2022-416xx/CVE-2022-41690.json) (`2023-05-10T14:15:18.737`)
* [CVE-2022-41693](CVE-2022/CVE-2022-416xx/CVE-2022-41693.json) (`2023-05-10T14:15:19.067`)
* [CVE-2022-41699](CVE-2022/CVE-2022-416xx/CVE-2022-41699.json) (`2023-05-10T14:15:19.400`)
* [CVE-2022-41769](CVE-2022/CVE-2022-417xx/CVE-2022-41769.json) (`2023-05-10T14:15:19.750`)
* [CVE-2022-41771](CVE-2022/CVE-2022-417xx/CVE-2022-41771.json) (`2023-05-10T14:15:20.247`)
* [CVE-2022-41784](CVE-2022/CVE-2022-417xx/CVE-2022-41784.json) (`2023-05-10T14:15:20.730`)
* [CVE-2022-41801](CVE-2022/CVE-2022-418xx/CVE-2022-41801.json) (`2023-05-10T14:15:21.153`)
* [CVE-2022-41808](CVE-2022/CVE-2022-418xx/CVE-2022-41808.json) (`2023-05-10T14:15:21.477`)
* [CVE-2022-41979](CVE-2022/CVE-2022-419xx/CVE-2022-41979.json) (`2023-05-10T14:15:21.800`)
* [CVE-2022-41982](CVE-2022/CVE-2022-419xx/CVE-2022-41982.json) (`2023-05-10T14:15:22.117`)
* [CVE-2022-41998](CVE-2022/CVE-2022-419xx/CVE-2022-41998.json) (`2023-05-10T14:15:22.430`)
* [CVE-2022-42465](CVE-2022/CVE-2022-424xx/CVE-2022-42465.json) (`2023-05-10T14:15:22.740`)
* [CVE-2022-42878](CVE-2022/CVE-2022-428xx/CVE-2022-42878.json) (`2023-05-10T14:15:23.103`)
* [CVE-2022-43465](CVE-2022/CVE-2022-434xx/CVE-2022-43465.json) (`2023-05-10T14:15:23.423`)
* [CVE-2022-43474](CVE-2022/CVE-2022-434xx/CVE-2022-43474.json) (`2023-05-10T14:15:23.727`)
* [CVE-2022-43475](CVE-2022/CVE-2022-434xx/CVE-2022-43475.json) (`2023-05-10T14:15:24.070`)
* [CVE-2022-43507](CVE-2022/CVE-2022-435xx/CVE-2022-43507.json) (`2023-05-10T14:15:24.400`)
* [CVE-2022-44610](CVE-2022/CVE-2022-446xx/CVE-2022-44610.json) (`2023-05-10T14:15:24.720`)
* [CVE-2022-44619](CVE-2022/CVE-2022-446xx/CVE-2022-44619.json) (`2023-05-10T14:15:25.067`)
* [CVE-2022-45128](CVE-2022/CVE-2022-451xx/CVE-2022-45128.json) (`2023-05-10T14:15:25.387`)
* [CVE-2022-46279](CVE-2022/CVE-2022-462xx/CVE-2022-46279.json) (`2023-05-10T14:15:25.710`)
* [CVE-2022-46645](CVE-2022/CVE-2022-466xx/CVE-2022-46645.json) (`2023-05-10T14:15:26.070`)
* [CVE-2022-46656](CVE-2022/CVE-2022-466xx/CVE-2022-46656.json) (`2023-05-10T14:15:26.340`)
* [CVE-2023-22297](CVE-2023/CVE-2023-222xx/CVE-2023-22297.json) (`2023-05-10T14:15:26.607`)
* [CVE-2023-22312](CVE-2023/CVE-2023-223xx/CVE-2023-22312.json) (`2023-05-10T14:15:26.943`)
* [CVE-2023-22355](CVE-2023/CVE-2023-223xx/CVE-2023-22355.json) (`2023-05-10T14:15:27.240`)
* [CVE-2023-22379](CVE-2023/CVE-2023-223xx/CVE-2023-22379.json) (`2023-05-10T14:15:27.557`)
* [CVE-2023-22440](CVE-2023/CVE-2023-224xx/CVE-2023-22440.json) (`2023-05-10T14:15:27.873`)
* [CVE-2023-22442](CVE-2023/CVE-2023-224xx/CVE-2023-22442.json) (`2023-05-10T14:15:28.187`)
* [CVE-2023-22443](CVE-2023/CVE-2023-224xx/CVE-2023-22443.json) (`2023-05-10T14:15:28.600`)
* [CVE-2023-22447](CVE-2023/CVE-2023-224xx/CVE-2023-22447.json) (`2023-05-10T14:15:28.900`)
* [CVE-2023-22661](CVE-2023/CVE-2023-226xx/CVE-2023-22661.json) (`2023-05-10T14:15:29.207`)
* [CVE-2023-23569](CVE-2023/CVE-2023-235xx/CVE-2023-23569.json) (`2023-05-10T14:15:29.507`)
* [CVE-2023-23573](CVE-2023/CVE-2023-235xx/CVE-2023-23573.json) (`2023-05-10T14:15:29.840`)
* [CVE-2023-23580](CVE-2023/CVE-2023-235xx/CVE-2023-23580.json) (`2023-05-10T14:15:30.253`)
* [CVE-2023-23909](CVE-2023/CVE-2023-239xx/CVE-2023-23909.json) (`2023-05-10T14:15:30.667`)
* [CVE-2023-23910](CVE-2023/CVE-2023-239xx/CVE-2023-23910.json) (`2023-05-10T14:15:30.950`)
* [CVE-2023-24475](CVE-2023/CVE-2023-244xx/CVE-2023-24475.json) (`2023-05-10T14:15:31.273`)
* [CVE-2023-25175](CVE-2023/CVE-2023-251xx/CVE-2023-25175.json) (`2023-05-10T14:15:31.587`)
* [CVE-2023-25179](CVE-2023/CVE-2023-251xx/CVE-2023-25179.json) (`2023-05-10T14:15:31.930`)
* [CVE-2023-25545](CVE-2023/CVE-2023-255xx/CVE-2023-25545.json) (`2023-05-10T14:15:32.107`)
* [CVE-2023-25568](CVE-2023/CVE-2023-255xx/CVE-2023-25568.json) (`2023-05-10T14:15:32.187`)
* [CVE-2023-25771](CVE-2023/CVE-2023-257xx/CVE-2023-25771.json) (`2023-05-10T14:15:32.310`)
* [CVE-2023-25772](CVE-2023/CVE-2023-257xx/CVE-2023-25772.json) (`2023-05-10T14:15:32.397`)
* [CVE-2023-25776](CVE-2023/CVE-2023-257xx/CVE-2023-25776.json) (`2023-05-10T14:15:32.490`)
* [CVE-2023-27298](CVE-2023/CVE-2023-272xx/CVE-2023-27298.json) (`2023-05-10T14:15:32.563`)
* [CVE-2023-27382](CVE-2023/CVE-2023-273xx/CVE-2023-27382.json) (`2023-05-10T14:15:32.647`)
* [CVE-2023-27386](CVE-2023/CVE-2023-273xx/CVE-2023-27386.json) (`2023-05-10T14:15:32.740`)
* [CVE-2023-27562](CVE-2023/CVE-2023-275xx/CVE-2023-27562.json) (`2023-05-10T15:15:08.817`)
* [CVE-2023-27563](CVE-2023/CVE-2023-275xx/CVE-2023-27563.json) (`2023-05-10T15:15:09.483`)
* [CVE-2023-27564](CVE-2023/CVE-2023-275xx/CVE-2023-27564.json) (`2023-05-10T15:15:09.660`)
* [CVE-2023-28410](CVE-2023/CVE-2023-284xx/CVE-2023-28410.json) (`2023-05-10T14:15:33.037`)
* [CVE-2023-28411](CVE-2023/CVE-2023-284xx/CVE-2023-28411.json) (`2023-05-10T14:15:33.343`)
* [CVE-2023-29930](CVE-2023/CVE-2023-299xx/CVE-2023-29930.json) (`2023-05-10T15:15:09.803`)
* [CVE-2023-31471](CVE-2023/CVE-2023-314xx/CVE-2023-31471.json) (`2023-05-10T15:15:10.017`)
* [CVE-2023-31906](CVE-2023/CVE-2023-319xx/CVE-2023-31906.json) (`2023-05-10T15:15:10.187`)
* [CVE-2023-31907](CVE-2023/CVE-2023-319xx/CVE-2023-31907.json) (`2023-05-10T15:15:10.353`)
* [CVE-2023-31908](CVE-2023/CVE-2023-319xx/CVE-2023-31908.json) (`2023-05-10T15:15:10.533`)
* [CVE-2023-31910](CVE-2023/CVE-2023-319xx/CVE-2023-31910.json) (`2023-05-10T15:15:10.697`)
* [CVE-2022-41985](CVE-2022/CVE-2022-419xx/CVE-2022-41985.json) (`2023-05-10T16:15:09.400`)
* [CVE-2022-46377](CVE-2022/CVE-2022-463xx/CVE-2022-46377.json) (`2023-05-10T16:15:10.153`)
* [CVE-2022-46378](CVE-2022/CVE-2022-463xx/CVE-2022-46378.json) (`2023-05-10T16:15:10.413`)
* [CVE-2023-0007](CVE-2023/CVE-2023-00xx/CVE-2023-0007.json) (`2023-05-10T17:15:08.910`)
* [CVE-2023-0008](CVE-2023/CVE-2023-00xx/CVE-2023-0008.json) (`2023-05-10T17:15:09.040`)
* [CVE-2023-2629](CVE-2023/CVE-2023-26xx/CVE-2023-2629.json) (`2023-05-10T16:15:10.660`)
* [CVE-2023-2630](CVE-2023/CVE-2023-26xx/CVE-2023-2630.json) (`2023-05-10T16:15:11.157`)
* [CVE-2023-30351](CVE-2023/CVE-2023-303xx/CVE-2023-30351.json) (`2023-05-10T16:15:11.497`)
* [CVE-2023-30352](CVE-2023/CVE-2023-303xx/CVE-2023-30352.json) (`2023-05-10T16:15:11.690`)
* [CVE-2023-30353](CVE-2023/CVE-2023-303xx/CVE-2023-30353.json) (`2023-05-10T16:15:11.860`)
* [CVE-2023-30354](CVE-2023/CVE-2023-303xx/CVE-2023-30354.json) (`2023-05-10T16:15:12.017`)
* [CVE-2023-30356](CVE-2023/CVE-2023-303xx/CVE-2023-30356.json) (`2023-05-10T16:15:12.187`)
* [CVE-2023-31554](CVE-2023/CVE-2023-315xx/CVE-2023-31554.json) (`2023-05-10T16:15:12.263`)
* [CVE-2023-31555](CVE-2023/CVE-2023-315xx/CVE-2023-31555.json) (`2023-05-10T16:15:12.317`)
* [CVE-2023-31556](CVE-2023/CVE-2023-315xx/CVE-2023-31556.json) (`2023-05-10T16:15:12.367`)
* [CVE-2023-31557](CVE-2023/CVE-2023-315xx/CVE-2023-31557.json) (`2023-05-10T16:15:12.427`)
* [CVE-2023-31566](CVE-2023/CVE-2023-315xx/CVE-2023-31566.json) (`2023-05-10T16:15:12.567`)
* [CVE-2023-31567](CVE-2023/CVE-2023-315xx/CVE-2023-31567.json) (`2023-05-10T16:15:12.720`)
* [CVE-2023-31568](CVE-2023/CVE-2023-315xx/CVE-2023-31568.json) (`2023-05-10T16:15:12.810`)
### CVEs modified in the last Commit
Recently modified CVEs: `21`
Recently modified CVEs: `23`
* [CVE-2022-40302](CVE-2022/CVE-2022-403xx/CVE-2022-40302.json) (`2023-05-10T15:18:03.120`)
* [CVE-2022-40318](CVE-2022/CVE-2022-403xx/CVE-2022-40318.json) (`2023-05-10T15:18:05.483`)
* [CVE-2022-43681](CVE-2022/CVE-2022-436xx/CVE-2022-43681.json) (`2023-05-10T15:17:58.587`)
* [CVE-2022-47758](CVE-2022/CVE-2022-477xx/CVE-2022-47758.json) (`2023-05-10T14:48:13.287`)
* [CVE-2022-47874](CVE-2022/CVE-2022-478xx/CVE-2022-47874.json) (`2023-05-10T14:07:40.213`)
* [CVE-2022-47878](CVE-2022/CVE-2022-478xx/CVE-2022-47878.json) (`2023-05-10T14:10:16.187`)
* [CVE-2023-25438](CVE-2023/CVE-2023-254xx/CVE-2023-25438.json) (`2023-05-10T15:37:47.167`)
* [CVE-2023-26089](CVE-2023/CVE-2023-260xx/CVE-2023-26089.json) (`2023-05-10T15:27:30.670`)
* [CVE-2023-26546](CVE-2023/CVE-2023-265xx/CVE-2023-26546.json) (`2023-05-10T14:29:42.873`)
* [CVE-2023-27568](CVE-2023/CVE-2023-275xx/CVE-2023-27568.json) (`2023-05-10T15:25:41.497`)
* [CVE-2023-27971](CVE-2023/CVE-2023-279xx/CVE-2023-27971.json) (`2023-05-10T14:18:43.993`)
* [CVE-2023-27972](CVE-2023/CVE-2023-279xx/CVE-2023-27972.json) (`2023-05-10T14:19:50.560`)
* [CVE-2023-29638](CVE-2023/CVE-2023-296xx/CVE-2023-29638.json) (`2023-05-10T14:14:15.467`)
* [CVE-2023-30093](CVE-2023/CVE-2023-300xx/CVE-2023-30093.json) (`2023-05-10T14:15:33.787`)
* [CVE-2023-30094](CVE-2023/CVE-2023-300xx/CVE-2023-30094.json) (`2023-05-10T14:15:34.343`)
* [CVE-2023-30095](CVE-2023/CVE-2023-300xx/CVE-2023-30095.json) (`2023-05-10T14:15:34.780`)
* [CVE-2023-30096](CVE-2023/CVE-2023-300xx/CVE-2023-30096.json) (`2023-05-10T14:15:35.217`)
* [CVE-2023-30097](CVE-2023/CVE-2023-300xx/CVE-2023-30097.json) (`2023-05-10T14:15:35.590`)
* [CVE-2023-30205](CVE-2023/CVE-2023-302xx/CVE-2023-30205.json) (`2023-05-10T15:27:26.073`)
* [CVE-2023-30639](CVE-2023/CVE-2023-306xx/CVE-2023-30639.json) (`2023-05-10T14:25:50.757`)
* [CVE-2023-31290](CVE-2023/CVE-2023-312xx/CVE-2023-31290.json) (`2023-05-10T15:27:15.117`)
* [CVE-2022-30759](CVE-2022/CVE-2022-307xx/CVE-2022-30759.json) (`2023-05-10T16:46:11.517`)
* [CVE-2022-31643](CVE-2022/CVE-2022-316xx/CVE-2022-31643.json) (`2023-05-10T17:05:29.027`)
* [CVE-2022-4568](CVE-2022/CVE-2022-45xx/CVE-2022-4568.json) (`2023-05-10T17:21:47.793`)
* [CVE-2022-48482](CVE-2022/CVE-2022-484xx/CVE-2022-48482.json) (`2023-05-10T17:11:08.560`)
* [CVE-2022-48483](CVE-2022/CVE-2022-484xx/CVE-2022-48483.json) (`2023-05-10T16:53:31.000`)
* [CVE-2023-1526](CVE-2023/CVE-2023-15xx/CVE-2023-1526.json) (`2023-05-10T16:47:44.507`)
* [CVE-2023-24958](CVE-2023/CVE-2023-249xx/CVE-2023-24958.json) (`2023-05-10T16:20:12.727`)
* [CVE-2023-26010](CVE-2023/CVE-2023-260xx/CVE-2023-26010.json) (`2023-05-10T16:19:04.733`)
* [CVE-2023-26012](CVE-2023/CVE-2023-260xx/CVE-2023-26012.json) (`2023-05-10T16:18:12.210`)
* [CVE-2023-26268](CVE-2023/CVE-2023-262xx/CVE-2023-26268.json) (`2023-05-10T16:08:34.207`)
* [CVE-2023-27892](CVE-2023/CVE-2023-278xx/CVE-2023-27892.json) (`2023-05-10T16:07:16.483`)
* [CVE-2023-29057](CVE-2023/CVE-2023-290xx/CVE-2023-29057.json) (`2023-05-10T16:09:19.657`)
* [CVE-2023-29827](CVE-2023/CVE-2023-298xx/CVE-2023-29827.json) (`2023-05-10T16:17:45.330`)
* [CVE-2023-29856](CVE-2023/CVE-2023-298xx/CVE-2023-29856.json) (`2023-05-10T17:26:57.547`)
* [CVE-2023-29867](CVE-2023/CVE-2023-298xx/CVE-2023-29867.json) (`2023-05-10T17:26:40.840`)
* [CVE-2023-29994](CVE-2023/CVE-2023-299xx/CVE-2023-29994.json) (`2023-05-10T16:03:43.517`)
* [CVE-2023-30024](CVE-2023/CVE-2023-300xx/CVE-2023-30024.json) (`2023-05-10T16:12:16.157`)
* [CVE-2023-30403](CVE-2023/CVE-2023-304xx/CVE-2023-30403.json) (`2023-05-10T16:47:26.307`)
* [CVE-2023-30619](CVE-2023/CVE-2023-306xx/CVE-2023-30619.json) (`2023-05-10T16:15:47.917`)
* [CVE-2023-30853](CVE-2023/CVE-2023-308xx/CVE-2023-30853.json) (`2023-05-10T17:04:52.693`)
* [CVE-2023-30856](CVE-2023/CVE-2023-308xx/CVE-2023-30856.json) (`2023-05-10T16:48:45.100`)
* [CVE-2023-30943](CVE-2023/CVE-2023-309xx/CVE-2023-30943.json) (`2023-05-10T16:45:38.793`)
* [CVE-2023-30944](CVE-2023/CVE-2023-309xx/CVE-2023-30944.json) (`2023-05-10T16:45:56.060`)
## Download and Usage