admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-08T00:55:21.260431+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-08 00:55:24 +00:00
parent 09af3cc5ce
commit 0c50ffb69c
43 changed files with 5019 additions and 222 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
CVE-2020/CVE-2020-367xx/CVE-2020-36767.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36767",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T19:15:07.767",
"lastModified": "2023-10-31T12:58:47.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:50:33.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,80 @@
"value": "tinyfiledialogs (tambi\u00e9n conocido como di\u00e1logos de archivos peque\u00f1os) anteriores a 3.8.0 permite metacaracteres de shell en t\u00edtulos, mensajes y otros datos de entrada."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vareille:tinyfiledialogs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.8.0",
"matchCriteriaId": "9EB85E3F-EB36-4152-9949-76F2A9FA6384"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/servo/servo/issues/25498#issuecomment-703527082",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

65
CVE-2022/CVE-2022-391xx/CVE-2022-39172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39172",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T22:15:09.677",
"lastModified": "2023-10-31T12:58:37.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:10:09.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Un XSS almacenado en la descripci\u00f3n general del proceso (bersicht zugewiesener Vorgaenge) en mbsupport openVIVA c2 20220101 permite a un atacante remoto, autenticado y con pocos privilegios ejecutar c\u00f3digo arbitrario en el navegador de la v\u00edctima a trav\u00e9s del campo de nombre de un proceso."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:viva-project:openviva:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022-08-01",
"matchCriteriaId": "02ABC630-96B1-40BE-8DF5-B3FED9566F00"
}
]
}
]
}
],
"references": [
{
"url": "https://sec-consult.com/vulnerability-lab/advisory/stored-cross-site-scripting-in-mb-support-broker-management-solution-openviva-c2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

1551
CVE-2022/CVE-2022-45xx/CVE-2022-4574.json
View File

File diff suppressed because it is too large Load Diff

399
CVE-2022/CVE-2022-45xx/CVE-2022-4575.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-4575",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-30T15:15:40.493",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:24:18.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot.\n\n"
},
{
"lang": "es",
"value": "Se inform\u00f3 una vulnerabilidad debido a una protecci\u00f3n de escritura inadecuada de las variables UEFI en el BIOS de algunos modelos ThinkPad que podr\u00eda permitir a un atacante con acceso f\u00edsico o local y privilegios elevados la capacidad de evitar el Arranque Seguro."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +70,379 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_25_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.73",
"matchCriteriaId": "69482281-C769-4A54-82F9-DDE21352E863"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_25:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1EE4830F-2C86-4DF0-8E37-D2894B4518FF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l560_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.62",
"matchCriteriaId": "4362D746-DD0C-470F-B5A9-467F1D7452E1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4FDA2BC8-0ABC-41EA-80BF-00B36564F0A1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_p50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.71",
"matchCriteriaId": "604DD8CD-0171-4E37-96A0-57BD476B3236"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_p50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A146DB0-4E3D-491B-8D30-EBF0F3BC17B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_p50s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.45",
"matchCriteriaId": "60B73D7B-F3B4-4538-9948-C6CD77B285C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_p50s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F583B121-A68C-463B-9D72-06061F74D007"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_p70_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.45",
"matchCriteriaId": "BB0F8FB2-BE50-4BCD-B6DE-ECFEA827131E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_p70:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1669BD8-C96F-4302-8E80-53D90EA719CA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t470_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.73",
"matchCriteriaId": "3E67930D-A5AB-4A3B-856B-24C1318E4ACF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t470:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6515A024-F5A8-494F-BCB6-0DD2D1CA4EA7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t470s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.49",
"matchCriteriaId": "3E151912-165B-4319-9F6B-E1C556E3854A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t470s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A93959B3-4DE0-4AD3-8242-BF0BB45FABF4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t560_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.45",
"matchCriteriaId": "4C5103D6-9E75-4DC4-8313-E2B661250835"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84478711-E030-42CD-9B8A-0C54C8DB8128"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_carbon_4th_gen_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.56",
"matchCriteriaId": "118EC48B-FA03-4988-AD83-E38464B342D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_carbon_4th_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "490D663D-DAE1-483D-A150-5528A057C142"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_x1_yoga_1st_gen_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.56",
"matchCriteriaId": "9E586511-8E9D-45AF-904A-115732553505"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_x1_yoga_1st_gen:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1D38511-2973-452B-9DCC-A45945ACFF28"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_x260_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.50",
"matchCriteriaId": "0314AA8D-65E0-400F-914E-BF458B5F864B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_x260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08393A13-D68E-4042-B223-EF80E581EEBC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_x270_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.47",
"matchCriteriaId": "4DCB9081-2919-4B4F-89DF-06EBF1B9CB09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_x270:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94532BBF-D9CF-4164-BACA-AFEA8C35806C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_yoga_260_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.88",
"matchCriteriaId": "6391D505-92DF-4511-8A43-5117F6D42D69"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_yoga_260:-:*:*:*:*:*:*:*",
"matchCriteriaId": "051E3938-B988-40E3-B8FB-725886A1EA6E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-106014",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

149
CVE-2022/CVE-2022-484xx/CVE-2022-48454.json
View File

@ -2,19 +2,160 @@
"id": "CVE-2022-48454",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.507",
"lastModified": "2023-11-01T12:51:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:27:28.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
},
{
"lang": "es",
"value": "En el servicio wifi, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

149
CVE-2022/CVE-2022-484xx/CVE-2022-48455.json
View File

@ -2,19 +2,160 @@
"id": "CVE-2022-48455",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.620",
"lastModified": "2023-11-01T12:51:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:27:22.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed"
},
{
"lang": "es",
"value": "En el servicio wifi, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

149
CVE-2022/CVE-2022-484xx/CVE-2022-48456.json
View File

@ -2,19 +2,160 @@
"id": "CVE-2022-48456",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.667",
"lastModified": "2023-11-01T12:51:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:27:14.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed"
},
{
"lang": "es",
"value": "En el controlador de la c\u00e1mara, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n de System necesarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2022/CVE-2022-484xx/CVE-2022-48457.json
View File

@ -2,19 +2,155 @@
"id": "CVE-2022-48457",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.717",
"lastModified": "2023-11-01T12:51:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:27:04.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
},
{
"lang": "es",
"value": "En TeleService existe una posible ca\u00edda del sistema debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2022/CVE-2022-484xx/CVE-2022-48458.json
View File

@ -2,19 +2,155 @@
"id": "CVE-2022-48458",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.767",
"lastModified": "2023-11-01T12:51:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:26:55.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
},
{
"lang": "es",
"value": "En TeleService existe una posible ca\u00edda del sistema debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2022/CVE-2022-484xx/CVE-2022-48459.json
View File

@ -2,19 +2,155 @@
"id": "CVE-2022-48459",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.817",
"lastModified": "2023-11-01T12:51:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:26:46.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed"
},
{
"lang": "es",
"value": "En TeleService existe una posible ca\u00edda del sistema debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

144
CVE-2022/CVE-2022-484xx/CVE-2022-48460.json
View File

@ -2,19 +2,155 @@
"id": "CVE-2022-48460",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.867",
"lastModified": "2023-11-01T12:51:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:26:37.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed"
},
{
"lang": "es",
"value": "Al configurar el servicio, existe un posible comportamiento indefinido debido a un manejo incorrecto de errores. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BF3D9050-DFED-4D7B-BB17-24408D344EC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

149
CVE-2022/CVE-2022-484xx/CVE-2022-48461.json
View File

@ -2,19 +2,160 @@
"id": "CVE-2022-48461",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-11-01T10:15:08.917",
"lastModified": "2023-11-01T12:51:08.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:26:25.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
},
{
"lang": "es",
"value": "En el controlador del sensor, existe una posible escritura fuera de los l\u00edmites debido a la falta de verificaci\u00f3n de los l\u00edmites. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n de System necesarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "16820CAF-0A8A-45C8-B5A8-979EA0407389"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "08A26AC2-409E-499A-B0D5-8C2B5038947D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-369xx/CVE-2023-36920.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-36920",
"sourceIdentifier": "cna@sap.com",
"published": "2023-10-30T17:15:52.260",
"lastModified": "2023-10-30T17:20:42.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:16:23.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated attacker to attempt clickjacking, which could result in disclosure or modification of information.\n\n\n"
},
{
"lang": "es",
"value": "En SAP Enable Now - versiones WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS el encabezado de respuesta no est\u00e1 implementado, lo que permite que un atacante no autenticado intente hacer click, lo que podr\u00eda resultar en la divulgaci\u00f3n o modificaci\u00f3n de informaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -36,7 +60,7 @@
},
"weaknesses": [
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +68,64 @@
"value": "CWE-1021"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enable_now_enable_now_consump_del:1704:*:*:*:*:*:*:*",
"matchCriteriaId": "3C52E900-DC61-4CAF-B44C-620BE1159809"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enable_now_wpb_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A615B74-6E92-4697-BB88-53F8CB644644"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enable_now_wpb_manager_ce:10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD4FB19-3590-4E47-A179-55C3DDC329B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:enable_now_wpb_manager_hana:10:*:*:*:*:*:*:*",
"matchCriteriaId": "96C53603-D5E9-4F2C-8D15-3AC2EFF6BA66"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/3326769",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-401xx/CVE-2023-40139.json
View File

@ -2,23 +2,100 @@
"id": "CVE-2023-40139",
"sourceIdentifier": "security@android.com",
"published": "2023-10-27T21:15:09.353",
"lastModified": "2023-10-29T01:44:22.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:51:24.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In FillUi of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En FillUi de FillUi.java, existe una manera posible de ver las im\u00e1genes de otro usuario debido a un diputado confundido. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/08becc8c600f14c5529115cc1a1e0c97cd503f33",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-10-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-401xx/CVE-2023-40140.json
View File

@ -2,23 +2,100 @@
"id": "CVE-2023-40140",
"sourceIdentifier": "security@android.com",
"published": "2023-10-27T21:15:09.397",
"lastModified": "2023-10-29T01:44:22.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:49:07.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In android_view_InputDevice_create of android_view_InputDevice.cpp, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
},
{
"lang": "es",
"value": "En android_view_InputDevice_create de android_view_InputDevice.cpp, existe una forma posible de ejecutar c\u00f3digo arbitrario debido a un use-after-free. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/2d88a5c481df8986dbba2e02c5bf82f105b36243",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-10-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-418xx/CVE-2023-41891.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41891",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-30T19:15:07.883",
"lastModified": "2023-10-31T12:58:47.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:26:21.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flyte:flyteadmin:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.124",
"matchCriteriaId": "9CB20F8F-3916-4352-95AE-447581F07EFC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/flyteorg/flyteadmin/commit/b3177ef70f068e908140b8a4a9913dfa74f289fd",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/flyteorg/flyteadmin/security/advisories/GHSA-r847-6w6h-r8g4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://owasp.org/www-community/attacks/SQL_Injection#",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-423xx/CVE-2023-42323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42323",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T22:15:10.320",
"lastModified": "2023-10-31T12:58:37.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:09:02.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "La vulnerabilidad de Cross-Site Request Forgery (CSRF) en DouHaocms v.3.3 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del archivo adminAction.class.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mnbvcxz131421:douhaocms:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CB882AE8-096E-4BBE-9314-0DFDF85C8DB1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mnbvcxz131421/douhaocms/blob/main/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-428xx/CVE-2023-42803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42803",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-30T19:15:07.963",
"lastModified": "2023-10-31T12:58:47.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:25:21.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +70,63 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.18",
"matchCriteriaId": "5F3F6566-B94F-4CBC-B1BA-DACA51865D76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "83C1F894-31BC-4C2D-AD62-837D990257CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "84EE596E-A3F6-4B29-B51D-CAE19A74D5E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "A8DD6CB9-0B7E-4C4E-BDC6-D8FD1B85882D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "1BA4033B-60B8-4674-98CA-F5794B905362"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "66F6441F-A11A-424B-BB9C-1CFF5F95B02E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15990",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-w98f-6x8w-xhjc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-428xx/CVE-2023-42804.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42804",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-30T19:15:08.037",
"lastModified": "2023-10-31T12:58:47.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:17:42.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +70,58 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.5.18",
"matchCriteriaId": "5F3F6566-B94F-4CBC-B1BA-DACA51865D76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "83C1F894-31BC-4C2D-AD62-837D990257CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "84EE596E-A3F6-4B29-B51D-CAE19A74D5E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "A8DD6CB9-0B7E-4C4E-BDC6-D8FD1B85882D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.6.0:alpha4:*:*:*:*:*:*",
"matchCriteriaId": "1BA4033B-60B8-4674-98CA-F5794B905362"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/15960",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3qjg-229m-vq84",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-437xx/CVE-2023-43797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43797",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-30T23:15:08.317",
"lastModified": "2023-10-31T12:58:37.550",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:08:05.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,71 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.11",
"matchCriteriaId": "E83CAE24-2B29-4265-B5E8-17E89637F0DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "C05D5D11-75BE-41FA-A62F-61F35B16BA9A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "C23D21AA-EF44-4F61-9775-57E3AF206CEE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:alpha3:*:*:*:*:*:*",
"matchCriteriaId": "1E95E50E-3C1E-438A-BAEC-AE0DF69B2937"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "A7EC2B6A-1A13-40FE-85D6-30D596813394"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:2.7.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "5A7D33D7-AE88-4ED4-82A4-BCFA7E828AD1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/304bc851a00558f99a908880f4ac44234a074c9d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18392",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-v6wg-q866-h73x",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-439xx/CVE-2023-43984.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43984",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-07T23:15:07.680",
"lastModified": "2023-11-07T23:15:07.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure permissions in Smart Soft advancedexport before v4.4.7 allow unauthenticated attackers to arbitrarily download user information from the ps_customer table."
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/11/07/advancedexport.html",
"source": "cve@mitre.org"
}
]
}

32
CVE-2023/CVE-2023-443xx/CVE-2023-44323.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-44323",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-10-30T15:15:40.980",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:23:53.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Adobe Acrobat para Edge versi\u00f3n 118.0.2088.46 (y anteriores) se ve afectado por una vulnerabilidad use-after-free. Un atacante no autenticado podr\u00eda aprovechar esta vulnerabilidad para lograr una denegaci\u00f3n de servicio de la aplicaci\u00f3n en el contexto del usuario actual. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario, ya que la v\u00edctima debe abrir un archivo malicioso."
}
],
"metrics": {
@ -46,10 +50,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.2088.76",
"matchCriteriaId": "635F392D-E4E1-4D91-B603-C28F7BF015A4"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44323",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

36
CVE-2023/CVE-2023-453xx/CVE-2023-45336.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45336",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:12.543",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:52:59.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the routers/router.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro 'password' del recurso routers/router.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
@ -46,14 +50,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

48
CVE-2023/CVE-2023-453xx/CVE-2023-45337.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45337",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:12.627",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:53:05.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the routers/router.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro 'username' del recurso routers/router.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
@ -36,7 +40,7 @@
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +48,50 @@
"value": "CWE-89"
}
]
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

36
CVE-2023/CVE-2023-453xx/CVE-2023-45339.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45339",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:12.713",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:53:10.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'type' parameter of the routers/add-ticket.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro 'type' del recurso routers/add-ticket.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
@ -46,14 +50,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

36
CVE-2023/CVE-2023-453xx/CVE-2023-45340.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45340",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:12.793",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:53:16.033",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/details-router.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro 'phone' del recurso routers/details-router.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
@ -46,14 +50,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

36
CVE-2023/CVE-2023-453xx/CVE-2023-45341.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45341",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:12.870",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:53:21.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The '*_price' parameter of the routers/menu-router.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro '*_price' del recurso routers/menu-router.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
@ -46,14 +50,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

58
CVE-2023/CVE-2023-453xx/CVE-2023-45342.json
View File

@ -2,18 +2,22 @@
"id": "CVE-2023-45342",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:12.957",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:53:30.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'phone' parameter of the routers/register-router.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro 'phone' del recurso routers/register-router.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +35,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -46,14 +70,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

36
CVE-2023/CVE-2023-453xx/CVE-2023-45343.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45343",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-11-02T14:15:13.033",
"lastModified": "2023-11-02T14:26:30.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:53:35.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Online Food Ordering System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'ticket_id' parameter of the routers/ticket-message.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n"
},
{
"lang": "es",
"value": "Online Food Ordering System v1.0 es afectado por m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL no autenticada. El par\u00e1metro 'ticket_id' del recurso routers/ticket-message.php no valida los caracteres recibidos y se env\u00edan sin filtrar a la base de datos."
}
],
"metrics": {
@ -46,14 +50,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_script_project:online_food_ordering_script:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC64A1FC-FDA0-46E7-A27E-1E718E55FAA2"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/hann",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

20
CVE-2023/CVE-2023-453xx/CVE-2023-45380.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-45380",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-07T23:15:07.780",
"lastModified": "2023-11-07T23:15:07.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the module \"Order Duplicator \" Clone and Delete Existing Order\" (orderduplicate) in version <= 1.1.7 from Silbersaiten for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can download personal information from ps_customer/ps_address tables such as name / surname / phone number / full postal address."
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/11/07/orderduplicate.html",
"source": "cve@mitre.org"
}
]
}

76
CVE-2023/CVE-2023-462xx/CVE-2023-46215.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-46215",
"sourceIdentifier": "security@apache.org",
"published": "2023-10-28T08:15:07.553",
"lastModified": "2023-10-29T01:44:12.570",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:45:55.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insertion of Sensitive Information into Log File vulnerability in Apache Airflow Celery provider, Apache Airflow.\n\nSensitive information logged as clear text when rediss, amqp, rpc protocols are used as Celery result backend\nNote: the\u00a0vulnerability is about the information exposed in the logs not about accessing the logs.\n\nThis issue affects Apache Airflow Celery provider: from 3.3.0 through 3.4.0; Apache Airflow: from 1.10.0 through 2.6.3.\n\nUsers are recommended to upgrade Airflow Celery provider to version 3.4.1\u00a0and Apache Airlfow to version 2.7.0 which fixes the issue.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de inserci\u00f3n de informaci\u00f3n confidencial en un archivo de registro en el proveedor de Apache Airflow Celery, Apache Airflow. La informaci\u00f3n confidencial se registra como texto plano cuando los protocolos rediss, amqp y rpc se utilizan como backend de resultados de Celery. Nota: la vulnerabilidad se refiere a la informaci\u00f3n expuesta en los registros, no al acceso a los registros. Este problema afecta al proveedor Apache Airflow Celery: desde 3.3.0 hasta 3.4.0; Apache Airflow: desde 1.10.0 hasta 2.6.3. Se recomienda a los usuarios actualizar el proveedor Airflow Celery a la versi\u00f3n 3.4.1 y Apache Airlfow a la versi\u00f3n 2.7.0, que soluciona el problema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,18 +50,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.10.0",
"versionEndExcluding": "2.7.0",
"matchCriteriaId": "1295ECA3-F760-4A73-B48E-6B9B8AB521E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow_celery_provider:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3.0",
"versionEndIncluding": "3.4.0",
"matchCriteriaId": "5CD91624-B6CA-4F93-8965-EF7F1D214B70"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/28/1",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/apache/airflow/pull/34954",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/wm1jfmks7r6m7bj0mq4lmw3998svn46n",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-465xx/CVE-2023-46510.json
View File

@ -2,19 +2,90 @@
"id": "CVE-2023-46510",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-27T21:15:09.947",
"lastModified": "2023-10-29T01:44:22.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:54:34.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to execute arbitrary code via the cig-bin/cstecgi.cgi to the settings/setPasswordCfg function."
},
{
"lang": "es",
"value": "Un problema en ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de cig-bin/cstecgi.cgi en la funci\u00f3n settings/setPasswordCfg."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zioncom:a7000r_firmware:4.1cu.4154:*:*:*:*:*:*:*",
"matchCriteriaId": "489C4BF8-5679-473A-A8A0-F5E7A1678344"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zioncom:a7000r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "013BA5C3-B93C-4AD6-8C2D-482F89E3C817"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/ATonysan/58ace23d539981441bca16ce0f7585e2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-470xx/CVE-2023-47090.json
View File

@ -2,27 +2,102 @@
"id": "CVE-2023-47090",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T17:15:52.467",
"lastModified": "2023-10-30T21:15:07.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:15:54.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NATS nats-server before 2.9.23 and 2.10.x before 2.10.2 has an authentication bypass. An implicit $G user in an authorization block can sometimes be used for unauthenticated access, even when the intention of the configuration was for each user to have an account. The earliest affected version is 2.2.0."
},
{
"lang": "es",
"value": "NATS nats-server anterior a 2.9.23 y 2.10.x anterior a 2.10.2 tiene una omisi\u00f3n de autenticaci\u00f3n. Un usuario $G impl\u00edcito en un bloque de autorizaci\u00f3n a veces se puede utilizar para acceso no autenticado, incluso cuando la intenci\u00f3n de la configuraci\u00f3n era que cada usuario tuviera una cuenta. La primera versi\u00f3n afectada es la 2.2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "2.9.23",
"matchCriteriaId": "614FF4B7-8B2D-473A-8455-441CA8A74915"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.10.0",
"versionEndExcluding": "2.10.2",
"matchCriteriaId": "852E9346-57E4-4B4A-8EC7-AE9F4532BE18"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/30/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://github.com/nats-io/nats-server/security/advisories/GHSA-fr2g-9hjm-wr23",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/10/13/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Mitigation"
]
}
]
}

73
CVE-2023/CVE-2023-471xx/CVE-2023-47101.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-47101",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T18:15:10.130",
"lastModified": "2023-10-30T18:21:38.740",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:53:29.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The installer (aka openvpn-client-installer) in Securepoint SSL VPN Client before 2.0.40 allows local privilege escalation during installation or repair."
},
{
"lang": "es",
"value": "El instalador (tambi\u00e9n conocido como openvpn-client-installer) en Securepoint SSL VPN Client anterior a 2.0.40 permite la escalada de privilegios locales durante la instalaci\u00f3n o reparaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:securepoint:openvpn-client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "2.0.40",
"matchCriteriaId": "4AD46922-A7B2-4364-8A77-B565EF919D5C"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://cyvisory.group/advisory/CYADV-2023-012",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://sourceforge.net/p/securepoint/news/2023/08/2040-is-now-available/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-471xx/CVE-2023-47104.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47104",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T19:15:08.343",
"lastModified": "2023-10-31T12:58:47.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-07T23:11:46.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,88 @@
"value": "tinyfiledialogs (tambi\u00e9n conocido como di\u00e1logos de archivos peque\u00f1os) anteriores a 3.15.0 permite metacaracteres de shell (como comillas invertidas o un signo de d\u00f3lar) en t\u00edtulos, mensajes y otros datos de entrada. NOTA: este problema existe debido a una soluci\u00f3n incompleta para CVE-2020-36767, que solo consideraba comillas simples y dobles."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vareille:tiny_file_dialogs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.15.0",
"matchCriteriaId": "A12595AB-5C7B-4FF9-B116-69DCF0E24675"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/servo/servo/issues/25498#issuecomment-703527082",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://sourceforge.net/p/tinyfiledialogs/code/ci/ac9f9f6d8cdf45ca8d9b4cf1f201ee472301e114/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

120
CVE-2023/CVE-2023-49xx/CVE-2023-4964.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-4964",
"sourceIdentifier": "security@opentext.com",
"published": "2023-10-30T15:15:42.197",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:16:34.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Potential open redirect vulnerability\nin opentext Service Management Automation X\n(SMAX) versions 2020.05, 2020.08,\n2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset\nManagement X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. The\nvulnerability could allow attackers to redirect a user to\nmalicious websites.\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "Posible vulnerabilidad de redireccionamiento abierto en opentext Service Management Automation X (SMAX) versiones 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 y opentext Asset Management X (AMX) versiones 2021.08, 2 021.11, 2022.05, 2022.11. La vulnerabilidad podr\u00eda permitir a los atacantes redirigir a un usuario a sitios web maliciosos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -46,10 +80,90 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:asset_management_x:2021.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4DF49190-8A0F-405E-8C84-C2A09BDFADE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:asset_management_x:2021.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A7397F14-EA13-4E0B-A636-2227A80B8A5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:asset_management_x:2022.05:*:*:*:*:*:*:*",
"matchCriteriaId": "223F4197-5966-4DC3-A7A3-29695B97401F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:asset_management_x:2022.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B561C6FF-2BBB-49CC-88EC-22585BDF805A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2020.05:*:*:*:*:*:*:*",
"matchCriteriaId": "4F008E61-5AAE-456E-973A-69C0AF3380C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2020.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B27E0021-800F-43FA-9439-FDE451001E6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2020.11:*:*:*:*:*:*:*",
"matchCriteriaId": "8899E470-B07D-4399-912C-3D78B10479C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2021.02:*:*:*:*:*:*:*",
"matchCriteriaId": "39711A66-0034-4B95-BC28-CBE7095AD96D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2021.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1C1F7A4B-052A-4C71-A05F-CDD12115EFBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2021.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4A3CCD7D-E886-4318-908B-4D4AAE8B36D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2021.11:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3A895B-6323-43B6-809C-613B8C96D991"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2022.05:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D9DBF7-FFC0-42A0-B755-B3C6B0CB89F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:service_management_automation_x:2022.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC7A3B4-C64C-480A-AB0C-7C5CCC6DFDE0"
}
]
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000022703?language=en_US",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
}
]
}

94
CVE-2023/CVE-2023-53xx/CVE-2023-5349.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5349",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-30T21:15:07.643",
"lastModified": "2023-11-07T04:23:55.840",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-07T23:10:48.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -40,7 +60,17 @@
},
"weaknesses": [
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -50,22 +80,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rmagick:rmagick:*:*:*:*:*:ruby:*:*",
"versionEndExcluding": "5.3.0",
"matchCriteriaId": "B9093FAF-BBDD-4BAD-9274-6896A5F0BF47"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5349",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247064",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/rmagick/rmagick/issues/1401",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/rmagick/rmagick/pull/1406",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

67
CVE-2023/CVE-2023-54xx/CVE-2023-5426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5426",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-28T12:15:38.080",
"lastModified": "2023-11-07T04:23:59.387",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-08T00:48:02.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -38,14 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexpertplugins:post_meta_data_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.1",
"matchCriteriaId": "6FDE6C76-8A8F-44FD-B2B8-3EAAE245CAD8"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2981559/post-meta-data-manager",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d6a7f882-4582-4b08-9597-329d140ad782?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-58xx/CVE-2023-5898.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5898",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-11-01T01:15:08.003",
"lastModified": "2023-11-01T12:51:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:26:06.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16."
},
{
"lang": "es",
"value": "Cross-Site Request Forgery (CSRF) en el repositorio de GitHub pkp/pkp-lib anterior a 3.3.0-16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +72,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pkp:pkp_web_application_library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.0-16",
"matchCriteriaId": "620A9B67-F772-49B8-87D8-001DCD83FA6E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pkp/pkp-lib/commit/01feef7a9392d314bf75b97a7e099cf0a307acd9",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/19801d12-b8ad-45e7-86e1-8f0230667c9e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-58xx/CVE-2023-5899.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5899",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-11-01T01:15:08.067",
"lastModified": "2023-11-01T12:51:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-08T00:26:14.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16."
},
{
"lang": "es",
"value": "Cross-Site Request Forgery (CSRF) en el repositorio de GitHub pkp/pkp-lib anterior a 3.3.0-16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,7 +62,7 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +70,52 @@
"value": "CWE-352"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pkp:pkp_web_application_library:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.0-16",
"matchCriteriaId": "620A9B67-F772-49B8-87D8-001DCD83FA6E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pkp/pkp-lib/commit/04e0e0eaeacd5d754b2f39c42148b31f646113c5",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/0c7f1981-3bba-4508-a07e-4cb9a2553216",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-60xx/CVE-2023-6001.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6001",
"sourceIdentifier": "security@yugabyte.com",
"published": "2023-11-08T00:15:07.620",
"lastModified": "2023-11-08T00:15:07.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Prometheus metrics are available without\nauthentication. These expose detailed and sensitive information about the YugabyteDB Anywhere environment."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@yugabyte.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@yugabyte.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://www.yugabyte.com/",
"source": "security@yugabyte.com"
}
]
}

55
CVE-2023/CVE-2023-60xx/CVE-2023-6002.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6002",
"sourceIdentifier": "security@yugabyte.com",
"published": "2023-11-08T00:15:08.360",
"lastModified": "2023-11-08T00:15:08.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "YugabyteDB is vulnerable to cross site scripting (XSS) via log injection.\u00a0Writing invalidated user input to log files can allow an attacker to forge log entries or inject malicious content into the logs.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@yugabyte.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@yugabyte.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-117"
}
]
}
],
"references": [
{
"url": "https://www.yugabyte.com/",
"source": "security@yugabyte.com"
}
]
}

88
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-07T23:00:18.924567+00:00
2023-11-08T00:55:21.260431+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-07T22:15:14.037000+00:00
2023-11-08T00:54:34.267000+00:00
```
### Last Data Feed Release
@ -29,68 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
230092
230096
```
### CVEs added in the last Commit
Recently added CVEs: `24`
Recently added CVEs: `4`
* [CVE-2021-43419](CVE-2021/CVE-2021-434xx/CVE-2021-43419.json) (`2023-11-07T21:15:08.230`)
* [CVE-2023-46676](CVE-2023/CVE-2023-466xx/CVE-2023-46676.json) (`2023-11-07T21:15:09.630`)
* [CVE-2023-46677](CVE-2023/CVE-2023-466xx/CVE-2023-46677.json) (`2023-11-07T21:15:10.370`)
* [CVE-2023-46678](CVE-2023/CVE-2023-466xx/CVE-2023-46678.json) (`2023-11-07T21:15:10.923`)
* [CVE-2023-46679](CVE-2023/CVE-2023-466xx/CVE-2023-46679.json) (`2023-11-07T21:15:11.433`)
* [CVE-2023-46680](CVE-2023/CVE-2023-466xx/CVE-2023-46680.json) (`2023-11-07T21:15:11.947`)
* [CVE-2023-46785](CVE-2023/CVE-2023-467xx/CVE-2023-46785.json) (`2023-11-07T21:15:12.563`)
* [CVE-2023-46786](CVE-2023/CVE-2023-467xx/CVE-2023-46786.json) (`2023-11-07T21:15:13.170`)
* [CVE-2023-46787](CVE-2023/CVE-2023-467xx/CVE-2023-46787.json) (`2023-11-07T21:15:13.417`)
* [CVE-2023-46788](CVE-2023/CVE-2023-467xx/CVE-2023-46788.json) (`2023-11-07T21:15:13.607`)
* [CVE-2023-46789](CVE-2023/CVE-2023-467xx/CVE-2023-46789.json) (`2023-11-07T21:15:13.793`)
* [CVE-2023-46790](CVE-2023/CVE-2023-467xx/CVE-2023-46790.json) (`2023-11-07T21:15:13.987`)
* [CVE-2023-5982](CVE-2023/CVE-2023-59xx/CVE-2023-5982.json) (`2023-11-07T21:15:14.193`)
* [CVE-2023-42361](CVE-2023/CVE-2023-423xx/CVE-2023-42361.json) (`2023-11-07T22:15:11.167`)
* [CVE-2023-46001](CVE-2023/CVE-2023-460xx/CVE-2023-46001.json) (`2023-11-07T22:15:11.473`)
* [CVE-2023-46792](CVE-2023/CVE-2023-467xx/CVE-2023-46792.json) (`2023-11-07T22:15:11.640`)
* [CVE-2023-46793](CVE-2023/CVE-2023-467xx/CVE-2023-46793.json) (`2023-11-07T22:15:12.280`)
* [CVE-2023-46794](CVE-2023/CVE-2023-467xx/CVE-2023-46794.json) (`2023-11-07T22:15:12.833`)
* [CVE-2023-46795](CVE-2023/CVE-2023-467xx/CVE-2023-46795.json) (`2023-11-07T22:15:13.063`)
* [CVE-2023-46796](CVE-2023/CVE-2023-467xx/CVE-2023-46796.json) (`2023-11-07T22:15:13.257`)
* [CVE-2023-46797](CVE-2023/CVE-2023-467xx/CVE-2023-46797.json) (`2023-11-07T22:15:13.447`)
* [CVE-2023-46798](CVE-2023/CVE-2023-467xx/CVE-2023-46798.json) (`2023-11-07T22:15:13.640`)
* [CVE-2023-46799](CVE-2023/CVE-2023-467xx/CVE-2023-46799.json) (`2023-11-07T22:15:13.837`)
* [CVE-2023-46800](CVE-2023/CVE-2023-468xx/CVE-2023-46800.json) (`2023-11-07T22:15:14.037`)
* [CVE-2023-43984](CVE-2023/CVE-2023-439xx/CVE-2023-43984.json) (`2023-11-07T23:15:07.680`)
* [CVE-2023-45380](CVE-2023/CVE-2023-453xx/CVE-2023-45380.json) (`2023-11-07T23:15:07.780`)
* [CVE-2023-6001](CVE-2023/CVE-2023-60xx/CVE-2023-6001.json) (`2023-11-08T00:15:07.620`)
* [CVE-2023-6002](CVE-2023/CVE-2023-60xx/CVE-2023-6002.json) (`2023-11-08T00:15:08.360`)
### CVEs modified in the last Commit
Recently modified CVEs: `35`
Recently modified CVEs: `38`
* [CVE-2023-5425](CVE-2023/CVE-2023-54xx/CVE-2023-5425.json) (`2023-11-07T21:05:34.097`)
* [CVE-2023-5835](CVE-2023/CVE-2023-58xx/CVE-2023-5835.json) (`2023-11-07T21:06:58.527`)
* [CVE-2023-34058](CVE-2023/CVE-2023-340xx/CVE-2023-34058.json) (`2023-11-07T21:07:45.603`)
* [CVE-2023-34059](CVE-2023/CVE-2023-340xx/CVE-2023-34059.json) (`2023-11-07T21:13:23.037`)
* [CVE-2023-44219](CVE-2023/CVE-2023-442xx/CVE-2023-44219.json) (`2023-11-07T21:14:53.870`)
* [CVE-2023-1672](CVE-2023/CVE-2023-16xx/CVE-2023-1672.json) (`2023-11-07T21:15:08.837`)
* [CVE-2023-44220](CVE-2023/CVE-2023-442xx/CVE-2023-44220.json) (`2023-11-07T21:15:37.110`)
* [CVE-2023-5817](CVE-2023/CVE-2023-58xx/CVE-2023-5817.json) (`2023-11-07T21:16:59.943`)
* [CVE-2023-5820](CVE-2023/CVE-2023-58xx/CVE-2023-5820.json) (`2023-11-07T21:22:47.967`)
* [CVE-2023-46393](CVE-2023/CVE-2023-463xx/CVE-2023-46393.json) (`2023-11-07T21:24:28.183`)
* [CVE-2023-5570](CVE-2023/CVE-2023-55xx/CVE-2023-5570.json) (`2023-11-07T21:34:59.460`)
* [CVE-2023-5309](CVE-2023/CVE-2023-53xx/CVE-2023-5309.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-5998](CVE-2023/CVE-2023-59xx/CVE-2023-5998.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-46243](CVE-2023/CVE-2023-462xx/CVE-2023-46243.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-4154](CVE-2023/CVE-2023-41xx/CVE-2023-4154.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-4956](CVE-2023/CVE-2023-49xx/CVE-2023-4956.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-5818](CVE-2023/CVE-2023-58xx/CVE-2023-5818.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-5819](CVE-2023/CVE-2023-58xx/CVE-2023-5819.json) (`2023-11-07T21:36:29.563`)
* [CVE-2023-46242](CVE-2023/CVE-2023-462xx/CVE-2023-46242.json) (`2023-11-07T21:36:33.517`)
* [CVE-2023-46244](CVE-2023/CVE-2023-462xx/CVE-2023-46244.json) (`2023-11-07T21:36:33.517`)
* [CVE-2023-46252](CVE-2023/CVE-2023-462xx/CVE-2023-46252.json) (`2023-11-07T21:36:33.517`)
* [CVE-2023-46253](CVE-2023/CVE-2023-462xx/CVE-2023-46253.json) (`2023-11-07T21:36:33.517`)
* [CVE-2023-5443](CVE-2023/CVE-2023-54xx/CVE-2023-5443.json) (`2023-11-07T21:37:34.087`)
* [CVE-2023-5671](CVE-2023/CVE-2023-56xx/CVE-2023-5671.json) (`2023-11-07T21:46:49.640`)
* [CVE-2023-45137](CVE-2023/CVE-2023-451xx/CVE-2023-45137.json) (`2023-11-07T21:52:29.510`)
* [CVE-2023-42323](CVE-2023/CVE-2023-423xx/CVE-2023-42323.json) (`2023-11-07T23:09:02.373`)
* [CVE-2023-5349](CVE-2023/CVE-2023-53xx/CVE-2023-5349.json) (`2023-11-07T23:10:48.580`)
* [CVE-2023-47104](CVE-2023/CVE-2023-471xx/CVE-2023-47104.json) (`2023-11-07T23:11:46.987`)
* [CVE-2023-42804](CVE-2023/CVE-2023-428xx/CVE-2023-42804.json) (`2023-11-07T23:17:42.680`)
* [CVE-2023-42803](CVE-2023/CVE-2023-428xx/CVE-2023-42803.json) (`2023-11-07T23:25:21.980`)
* [CVE-2023-41891](CVE-2023/CVE-2023-418xx/CVE-2023-41891.json) (`2023-11-07T23:26:21.683`)
* [CVE-2023-47101](CVE-2023/CVE-2023-471xx/CVE-2023-47101.json) (`2023-11-07T23:53:29.037`)
* [CVE-2023-47090](CVE-2023/CVE-2023-470xx/CVE-2023-47090.json) (`2023-11-08T00:15:54.567`)
* [CVE-2023-36920](CVE-2023/CVE-2023-369xx/CVE-2023-36920.json) (`2023-11-08T00:16:23.700`)
* [CVE-2023-4964](CVE-2023/CVE-2023-49xx/CVE-2023-4964.json) (`2023-11-08T00:16:34.233`)
* [CVE-2023-44323](CVE-2023/CVE-2023-443xx/CVE-2023-44323.json) (`2023-11-08T00:23:53.110`)
* [CVE-2023-5898](CVE-2023/CVE-2023-58xx/CVE-2023-5898.json) (`2023-11-08T00:26:06.370`)
* [CVE-2023-5899](CVE-2023/CVE-2023-58xx/CVE-2023-5899.json) (`2023-11-08T00:26:14.793`)
* [CVE-2023-46215](CVE-2023/CVE-2023-462xx/CVE-2023-46215.json) (`2023-11-08T00:45:55.787`)
* [CVE-2023-5426](CVE-2023/CVE-2023-54xx/CVE-2023-5426.json) (`2023-11-08T00:48:02.973`)
* [CVE-2023-40140](CVE-2023/CVE-2023-401xx/CVE-2023-40140.json) (`2023-11-08T00:49:07.443`)
* [CVE-2023-40139](CVE-2023/CVE-2023-401xx/CVE-2023-40139.json) (`2023-11-08T00:51:24.077`)
* [CVE-2023-45336](CVE-2023/CVE-2023-453xx/CVE-2023-45336.json) (`2023-11-08T00:52:59.970`)
* [CVE-2023-45337](CVE-2023/CVE-2023-453xx/CVE-2023-45337.json) (`2023-11-08T00:53:05.587`)
* [CVE-2023-45339](CVE-2023/CVE-2023-453xx/CVE-2023-45339.json) (`2023-11-08T00:53:10.663`)
* [CVE-2023-45340](CVE-2023/CVE-2023-453xx/CVE-2023-45340.json) (`2023-11-08T00:53:16.033`)
* [CVE-2023-45341](CVE-2023/CVE-2023-453xx/CVE-2023-45341.json) (`2023-11-08T00:53:21.763`)
* [CVE-2023-45342](CVE-2023/CVE-2023-453xx/CVE-2023-45342.json) (`2023-11-08T00:53:30.717`)
* [CVE-2023-45343](CVE-2023/CVE-2023-453xx/CVE-2023-45343.json) (`2023-11-08T00:53:35.723`)
* [CVE-2023-46510](CVE-2023/CVE-2023-465xx/CVE-2023-46510.json) (`2023-11-08T00:54:34.267`)
## Download and Usage