admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-28T23:00:18.591431+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-28 23:00:22 +00:00
parent d85aa2e058
commit 0e02fb597e
24 changed files with 1279 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2023/CVE-2023-214xx/CVE-2023-21416.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21416",
"sourceIdentifier": "product-security@axis.com",
"published": "2023-11-21T07:15:08.890",
"lastModified": "2023-11-21T14:08:14.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:36:29.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "product-security@axis.com",
"type": "Secondary",
@ -38,10 +58,49 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*",
"versionEndExcluding": "11.7.57",
"matchCriteriaId": "D4DE1198-6B4E-41BF-A97F-0EBD1B575D21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "10.12.213",
"matchCriteriaId": "EB91B5E0-93B8-4FD7-9199-B780170A5770"
}
]
}
]
}
],
"references": [
{
"url": "https://www.axis.com/dam/public/35/2a/a6/cve-2023-21416-en-US-417790.pdf",
"source": "product-security@axis.com"
"source": "product-security@axis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-214xx/CVE-2023-21417.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21417",
"sourceIdentifier": "product-security@axis.com",
"published": "2023-11-21T07:15:09.283",
"lastModified": "2023-11-21T14:08:14.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:35:41.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "product-security@axis.com",
"type": "Secondary",
@ -38,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*",
"versionEndExcluding": "11.7.57",
"matchCriteriaId": "D4DE1198-6B4E-41BF-A97F-0EBD1B575D21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "9.80.49",
"matchCriteriaId": "E20A1DAB-0D5B-4952-B4C0-A6A5808C49FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "10.12.208",
"matchCriteriaId": "2DC5A60B-0BD7-4ABC-8AA6-F1C8ED964EB2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.axis.com/dam/public/2a/82/12/cve-2023-21417-en-US-417791.pdf",
"source": "product-security@axis.com"
"source": "product-security@axis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-214xx/CVE-2023-21418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21418",
"sourceIdentifier": "product-security@axis.com",
"published": "2023-11-21T07:15:09.583",
"lastModified": "2023-11-21T14:08:14.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:34:55.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "product-security@axis.com",
"type": "Secondary",
@ -38,10 +58,67 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os:*:*:*:*:-:*:*:*",
"versionEndExcluding": "6.50.5.15",
"matchCriteriaId": "FA86FDF1-58AD-4490-BF2B-D6C8DC083894"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os:*:*:*:*:active:*:*:*",
"versionEndExcluding": "11.7.57",
"matchCriteriaId": "D4DE1198-6B4E-41BF-A97F-0EBD1B575D21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os_2018:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "8.40.35",
"matchCriteriaId": "A714346C-6398-46ED-81F0-5546B00A2DEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os_2020:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "9.80.49",
"matchCriteriaId": "E20A1DAB-0D5B-4952-B4C0-A6A5808C49FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:axis:axis_os_2022:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "10.12.213",
"matchCriteriaId": "EB91B5E0-93B8-4FD7-9199-B780170A5770"
}
]
}
]
}
],
"references": [
{
"url": "https://www.axis.com/dam/public/49/93/55/cve-2023-21418-en-US-417792.pdf",
"source": "product-security@axis.com"
"source": "product-security@axis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-290xx/CVE-2023-29060.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-29060",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T20:15:07.230",
"lastModified": "2023-11-28T20:15:07.230",
"lastModified": "2023-11-28T21:15:07.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus\u00e2\u201e\u00a2 workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data."
"value": "The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data."
}
],
"metrics": {

55
CVE-2023/CVE-2023-290xx/CVE-2023-29061.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29061",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.257",
"lastModified": "2023-11-28T21:15:07.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify the drive boot order and BIOS pre-boot authentication."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software",
"source": "cybersecurity@bd.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29062.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29062",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.440",
"lastModified": "2023-11-28T21:15:07.440",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. This is possible through the use of LLMNR, MBT-NS, or MDNS and will result in NTLMv2 hashes being sent to a malicious entity position on the local network. These hashes can subsequently be attacked through brute force and cracked if a weak password is used. This attack would only apply to domain joined systems."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software",
"source": "cybersecurity@bd.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29063.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29063",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.613",
"lastModified": "2023-11-28T21:15:07.613",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1299"
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software",
"source": "cybersecurity@bd.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29064.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29064",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.800",
"lastModified": "2023-11-28T21:15:07.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative accounts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software",
"source": "cybersecurity@bd.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29065.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29065",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.990",
"lastModified": "2023-11-28T21:15:07.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-277"
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software",
"source": "cybersecurity@bd.com"
}
]
}

55
CVE-2023/CVE-2023-290xx/CVE-2023-29066.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29066",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:08.173",
"lastModified": "2023-11-28T21:15:08.173",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.2,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.7,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-266"
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-facschorus-software",
"source": "cybersecurity@bd.com"
}
]
}

188
CVE-2023/CVE-2023-388xx/CVE-2023-38823.json
View File

@ -2,19 +2,199 @@
"id": "CVE-2023-38823",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T20:15:07.357",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T22:02:33.013",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento del b\u00fafer en Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 y v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n formSetCfm en bin/httpd."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B4BD4F2-A420-407B-AB87-039E14C5B1ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E382AD7E-1450-40FC-AE9D-698B491805F0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1B4BD4F2-A420-407B-AB87-039E14C5B1ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B622BF6D-85E6-475A-B7FB-11BA1A641191"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac9_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D8F25141-8B57-463D-AB97-F52C0143973C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac9:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "566DA530-18FC-4A46-95B4-2A7D343A96A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac19_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6A95D36D-4C22-4EDC-8CA9-D94C2838A9C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac19:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2E477EC-CDE3-4BC4-8F1A-43C2AC3F6381"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3AC468E5-44D1-4B94-B308-C1025DB1BB7B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9F8AF9-F921-4348-922B-EE5E6037E7AC"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/nhtri2003gmail/CVE_report/blob/master/CVE-2023-38823.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-464xx/CVE-2023-46470.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-46470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T21:15:08.210",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:57:57.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting en Space Applications Services Yamcs v.5.8.6 permite a un atacante remoto ejecutar c\u00f3digo arbitrario mediante un telecomando manipulado en la vista de l\u00ednea de tiempo de ArchiveBrowser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:spaceapplications:yacms:5.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "709795AB-C13A-4646-A87B-272FF61963D4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.linkedin.com/pulse/more-xss-clickjacking-yamcs-v586-visionspace-technologies-uvevf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-464xx/CVE-2023-46471.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-46471",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T21:15:08.253",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:57:35.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via the text variable scriptContainer of the ScriptViewer."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting en Space Applications Services Yamcs v.5.8.6 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la variable de texto scriptContainer de ScriptViewer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:spaceapplications:yacms:5.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "709795AB-C13A-4646-A87B-272FF61963D4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.linkedin.com/pulse/more-xss-clickjacking-yamcs-v586-visionspace-technologies-uvevf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-469xx/CVE-2023-46944.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-46944",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-28T22:15:06.937",
"lastModified": "2023-11-28T22:15:06.937",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Codes workspace trust component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gitkraken/vscode-gitlens/commit/ee2a0c42a92d33059a39fd15fbbd5dd3d5ab6440",
"source": "cve@mitre.org"
},
{
"url": "https://www.sonarsource.com/blog/vscode-security-markdown-vulnerabilities-in-extensions/",
"source": "cve@mitre.org"
}
]
}

67
CVE-2023/CVE-2023-469xx/CVE-2023-46990.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-46990",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T20:15:07.407",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:59:25.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data in PublicCMS v.4.0.202302.e allows a remote attacker to execute arbitrary code via a crafted script to the writeReplace function."
},
{
"lang": "es",
"value": "La deserializaci\u00f3n de datos no confiables en PublicCMS v.4.0.202302.e permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para la funci\u00f3n writeReplace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:publiccms:publiccms:4.0.202302.e:*:*:*:*:*:*:*",
"matchCriteriaId": "696F37D9-7CB7-428B-ADE4-3EB40573111A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/sanluan/PublicCMS/issues/76#issue-1960443408",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

86
CVE-2023/CVE-2023-471xx/CVE-2023-47172.json
View File

@ -2,19 +2,97 @@
"id": "CVE-2023-47172",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T21:15:08.293",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:57:21.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Local Privilege Escalation. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, and WithSecure Elements Endpoint Protection 17 and later."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la escalada de privilegios locales. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15 y WithSecure Elements Endpoint Protection 17 y posteriores."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:client_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15",
"matchCriteriaId": "6C3FF325-62E4-45DF-AA2C-E2B3CCDF080F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:elements_endpoint_protection:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17",
"matchCriteriaId": "B92950AC-F16B-4935-93D8-39E6DC6B0B5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:email_and_server_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15",
"matchCriteriaId": "FDC69E2C-7B7A-4203-949D-25F4343082C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:server_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15",
"matchCriteriaId": "73BCD074-70B5-4905-A20F-A60966EB2912"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.withsecure.com/en/support/security-advisories/cve-2023-47172",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-473xx/CVE-2023-47311.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-47311",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T21:15:08.337",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:52:56.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking."
},
{
"lang": "es",
"value": "Un problema en Yamcs 5.8.6 permite a los atacantes enviar telecomandos arbitrarios en una pila de comandos mediante Clickjacking."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:spaceapplications:yacms:5.8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "709795AB-C13A-4646-A87B-272FF61963D4"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.linkedin.com/pulse/more-xss-clickjacking-yamcs-v586-visionspace-technologies-uvevf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-474xx/CVE-2023-47417.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-47417",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-20T20:15:07.457",
"lastModified": "2023-11-21T01:38:10.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-28T21:59:05.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in the component /shells/embedder.html of DZSlides after v2011.07.25 allows attackers to execute arbitrary code via a crafted payload."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en el componente /shells/embedder.html de DZSlides posterior a v2011.07.25 permite a atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paulrouget:dzslides:*:*:*:*:*:*:*:*",
"versionStartExcluding": "2011-07-25",
"matchCriteriaId": "A0964C68-2F7C-4C22-8CCF-00884663DF0F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/cd80/5b7702ffbfc8531f30b56356a4a7f4dd",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/paulrouget/dzslides",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

6
CVE-2023/CVE-2023-478xx/CVE-2023-47839.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-47839",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-23T00:15:09.320",
"lastModified": "2023-11-28T20:51:38.590",
"lastModified": "2023-11-28T21:07:29.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -89,9 +89,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:implecode:ecommerce_product_catalog_plugin_for_wordpress:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:implecode:ecommerce_product_catalog:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.26",
"matchCriteriaId": "4276AEF5-FC23-45B7-A0C7-0212B69A6C2B"
"matchCriteriaId": "9BFFCB33-0E37-4307-9FAD-0EB9E6946549"
}
]
}

28
CVE-2023/CVE-2023-481xx/CVE-2023-48193.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-48193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-28T21:15:08.373",
"lastModified": "2023-11-28T21:15:08.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function."
}
],
"metrics": {},
"references": [
{
"url": "http://jumpserver.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/296430468/lcc_test/blob/main/jumpserver_BUG.md",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/jumpserver/jumpserver",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-481xx/CVE-2023-48198.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-48198",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-15T23:15:08.957",
"lastModified": "2023-11-21T01:03:03.887",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-28T21:15:08.420",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the product description component in the api/stock/products endpoint."
"value": "A Cross-Site Scripting (XSS) vulnerability in the 'product description' component within '/api/stock/products' of Grocy version <= 4.0.3 allows attackers to obtain a victim's cookies."
},
{
"lang": "es",

6
CVE-2023/CVE-2023-481xx/CVE-2023-48199.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-48199",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-15T23:15:09.000",
"lastModified": "2023-11-21T01:03:12.623",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-28T21:15:08.477",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An issue in Grocy v.4.0.3 allows a local attacker to execute arbitrary code and obtain sensitive information via the QR code funciton in the manageapikeys component."
"value": "HTML Injection vulnerability in the 'manageApiKeys' component in Grocy <= 4.0.3 allows attackers to inject arbitrary HTML content without script execution. This occurs when user-supplied data is not appropriately sanitized, enabling the injection of HTML tags through parameter values. The attacker can then manipulate page content in the QR code detail popup, often coupled with social engineering tactics, exploiting both the trust of users and the application's lack of proper input handling."
},
{
"lang": "es",

59
CVE-2023/CVE-2023-490xx/CVE-2023-49092.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-49092",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-28T21:15:08.530",
"lastModified": "2023-11-28T21:15:08.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-385"
}
]
}
],
"references": [
{
"url": "https://github.com/RustCrypto/RSA/issues/19#issuecomment-1822995643",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/RustCrypto/RSA/security/advisories/GHSA-c38w-74pg-36hr",
"source": "security-advisories@github.com"
}
]
}

64
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-28T21:00:17.836328+00:00
2023-11-28T23:00:18.591431+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-28T20:51:38.590000+00:00
2023-11-28T22:15:06.937000+00:00
```
### Last Data Feed Release
@ -29,50 +29,42 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
231651
231660
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `9`
* [CVE-2023-48121](CVE-2023/CVE-2023-481xx/CVE-2023-48121.json) (`2023-11-28T19:15:07.340`)
* [CVE-2023-49078](CVE-2023/CVE-2023-490xx/CVE-2023-49078.json) (`2023-11-28T19:15:07.397`)
* [CVE-2023-29060](CVE-2023/CVE-2023-290xx/CVE-2023-29060.json) (`2023-11-28T20:15:07.230`)
* [CVE-2023-30588](CVE-2023/CVE-2023-305xx/CVE-2023-30588.json) (`2023-11-28T20:15:07.437`)
* [CVE-2023-30590](CVE-2023/CVE-2023-305xx/CVE-2023-30590.json) (`2023-11-28T20:15:07.480`)
* [CVE-2023-45539](CVE-2023/CVE-2023-455xx/CVE-2023-45539.json) (`2023-11-28T20:15:07.817`)
* [CVE-2023-29061](CVE-2023/CVE-2023-290xx/CVE-2023-29061.json) (`2023-11-28T21:15:07.257`)
* [CVE-2023-29062](CVE-2023/CVE-2023-290xx/CVE-2023-29062.json) (`2023-11-28T21:15:07.440`)
* [CVE-2023-29063](CVE-2023/CVE-2023-290xx/CVE-2023-29063.json) (`2023-11-28T21:15:07.613`)
* [CVE-2023-29064](CVE-2023/CVE-2023-290xx/CVE-2023-29064.json) (`2023-11-28T21:15:07.800`)
* [CVE-2023-29065](CVE-2023/CVE-2023-290xx/CVE-2023-29065.json) (`2023-11-28T21:15:07.990`)
* [CVE-2023-29066](CVE-2023/CVE-2023-290xx/CVE-2023-29066.json) (`2023-11-28T21:15:08.173`)
* [CVE-2023-48193](CVE-2023/CVE-2023-481xx/CVE-2023-48193.json) (`2023-11-28T21:15:08.373`)
* [CVE-2023-49092](CVE-2023/CVE-2023-490xx/CVE-2023-49092.json) (`2023-11-28T21:15:08.530`)
* [CVE-2023-46944](CVE-2023/CVE-2023-469xx/CVE-2023-46944.json) (`2023-11-28T22:15:06.937`)
### CVEs modified in the last Commit
Recently modified CVEs: `49`
Recently modified CVEs: `14`
* [CVE-2023-6207](CVE-2023/CVE-2023-62xx/CVE-2023-6207.json) (`2023-11-28T19:42:50.670`)
* [CVE-2023-6206](CVE-2023/CVE-2023-62xx/CVE-2023-6206.json) (`2023-11-28T19:44:05.347`)
* [CVE-2023-6205](CVE-2023/CVE-2023-62xx/CVE-2023-6205.json) (`2023-11-28T19:44:48.170`)
* [CVE-2023-6204](CVE-2023/CVE-2023-62xx/CVE-2023-6204.json) (`2023-11-28T19:45:10.887`)
* [CVE-2023-49061](CVE-2023/CVE-2023-490xx/CVE-2023-49061.json) (`2023-11-28T19:45:33.650`)
* [CVE-2023-46850](CVE-2023/CVE-2023-468xx/CVE-2023-46850.json) (`2023-11-28T19:47:39.703`)
* [CVE-2023-46849](CVE-2023/CVE-2023-468xx/CVE-2023-46849.json) (`2023-11-28T19:47:44.070`)
* [CVE-2023-47809](CVE-2023/CVE-2023-478xx/CVE-2023-47809.json) (`2023-11-28T19:51:59.687`)
* [CVE-2023-47810](CVE-2023/CVE-2023-478xx/CVE-2023-47810.json) (`2023-11-28T19:52:19.490`)
* [CVE-2023-47811](CVE-2023/CVE-2023-478xx/CVE-2023-47811.json) (`2023-11-28T19:52:35.397`)
* [CVE-2023-47812](CVE-2023/CVE-2023-478xx/CVE-2023-47812.json) (`2023-11-28T20:03:09.987`)
* [CVE-2023-47813](CVE-2023/CVE-2023-478xx/CVE-2023-47813.json) (`2023-11-28T20:03:29.477`)
* [CVE-2023-47814](CVE-2023/CVE-2023-478xx/CVE-2023-47814.json) (`2023-11-28T20:04:37.090`)
* [CVE-2023-47815](CVE-2023/CVE-2023-478xx/CVE-2023-47815.json) (`2023-11-28T20:05:31.977`)
* [CVE-2023-47816](CVE-2023/CVE-2023-478xx/CVE-2023-47816.json) (`2023-11-28T20:07:47.730`)
* [CVE-2023-35078](CVE-2023/CVE-2023-350xx/CVE-2023-35078.json) (`2023-11-28T20:15:07.530`)
* [CVE-2023-47835](CVE-2023/CVE-2023-478xx/CVE-2023-47835.json) (`2023-11-28T20:21:32.220`)
* [CVE-2023-47817](CVE-2023/CVE-2023-478xx/CVE-2023-47817.json) (`2023-11-28T20:23:25.427`)
* [CVE-2023-47821](CVE-2023/CVE-2023-478xx/CVE-2023-47821.json) (`2023-11-28T20:23:38.657`)
* [CVE-2023-47829](CVE-2023/CVE-2023-478xx/CVE-2023-47829.json) (`2023-11-28T20:23:54.067`)
* [CVE-2023-47834](CVE-2023/CVE-2023-478xx/CVE-2023-47834.json) (`2023-11-28T20:24:06.653`)
* [CVE-2023-47833](CVE-2023/CVE-2023-478xx/CVE-2023-47833.json) (`2023-11-28T20:25:42.100`)
* [CVE-2023-47790](CVE-2023/CVE-2023-477xx/CVE-2023-47790.json) (`2023-11-28T20:39:17.157`)
* [CVE-2023-40002](CVE-2023/CVE-2023-400xx/CVE-2023-40002.json) (`2023-11-28T20:50:44.160`)
* [CVE-2023-47839](CVE-2023/CVE-2023-478xx/CVE-2023-47839.json) (`2023-11-28T20:51:38.590`)
* [CVE-2023-47839](CVE-2023/CVE-2023-478xx/CVE-2023-47839.json) (`2023-11-28T21:07:29.180`)
* [CVE-2023-29060](CVE-2023/CVE-2023-290xx/CVE-2023-29060.json) (`2023-11-28T21:15:07.190`)
* [CVE-2023-48198](CVE-2023/CVE-2023-481xx/CVE-2023-48198.json) (`2023-11-28T21:15:08.420`)
* [CVE-2023-48199](CVE-2023/CVE-2023-481xx/CVE-2023-48199.json) (`2023-11-28T21:15:08.477`)
* [CVE-2023-21418](CVE-2023/CVE-2023-214xx/CVE-2023-21418.json) (`2023-11-28T21:34:55.540`)
* [CVE-2023-21417](CVE-2023/CVE-2023-214xx/CVE-2023-21417.json) (`2023-11-28T21:35:41.927`)
* [CVE-2023-21416](CVE-2023/CVE-2023-214xx/CVE-2023-21416.json) (`2023-11-28T21:36:29.577`)
* [CVE-2023-47311](CVE-2023/CVE-2023-473xx/CVE-2023-47311.json) (`2023-11-28T21:52:56.520`)
* [CVE-2023-47172](CVE-2023/CVE-2023-471xx/CVE-2023-47172.json) (`2023-11-28T21:57:21.713`)
* [CVE-2023-46471](CVE-2023/CVE-2023-464xx/CVE-2023-46471.json) (`2023-11-28T21:57:35.880`)
* [CVE-2023-46470](CVE-2023/CVE-2023-464xx/CVE-2023-46470.json) (`2023-11-28T21:57:57.727`)
* [CVE-2023-47417](CVE-2023/CVE-2023-474xx/CVE-2023-47417.json) (`2023-11-28T21:59:05.567`)
* [CVE-2023-46990](CVE-2023/CVE-2023-469xx/CVE-2023-46990.json) (`2023-11-28T21:59:25.917`)
* [CVE-2023-38823](CVE-2023/CVE-2023-388xx/CVE-2023-38823.json) (`2023-11-28T22:02:33.013`)
## Download and Usage