admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-23T18:00:29.230291+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-23 18:00:32 +00:00
parent c6df2ed809
commit 11c527178a
45 changed files with 1581 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2020/CVE-2020-224xx/CVE-2020-22402.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-22402",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:09.440",
"lastModified": "2023-06-14T15:30:58.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:22:49.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:alinto:sogo_web_mail:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.1",
"matchCriteriaId": "BF1C0137-B6EE-4461-8844-32FF6DE4D345"
}
]
}
]
}
],
"references": [
{
"url": "https://sogo.nu/bugs/view.php?id=4979",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

4
CVE-2022/CVE-2022-251xx/CVE-2022-25172.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25172",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-12T17:15:10.357",
"lastModified": "2022-05-23T18:14:53.377",
"lastModified": "2023-06-23T17:59:57.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -92,7 +92,7 @@
"description": [
{
"lang": "en",
"value": "CWE-79"
"value": "CWE-732"
}
]
},

12
CVE-2022/CVE-2022-253xx/CVE-2022-25310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-25310",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-09-06T18:15:11.557",
"lastModified": "2023-02-12T22:15:25.647",
"vulnStatus": "Modified",
"lastModified": "2023-06-23T17:50:23.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -40,22 +40,22 @@
},
"weaknesses": [
{
"source": "secalert@redhat.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-476"
}
]
},
{
"source": "nvd@nist.gov",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-119"
}
]
}

4
CVE-2022/CVE-2022-253xx/CVE-2022-25371.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25371",
"sourceIdentifier": "security@apache.org",
"published": "2022-09-02T07:15:07.450",
"lastModified": "2022-09-29T15:50:21.737",
"lastModified": "2023-06-23T17:57:34.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-94"
"value": "CWE-22"
}
]
},

4
CVE-2022/CVE-2022-459xx/CVE-2022-45910.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-45910",
"sourceIdentifier": "security@apache.org",
"published": "2022-12-07T10:15:11.217",
"lastModified": "2022-12-12T15:23:51.937",
"lastModified": "2023-06-23T17:30:40.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-74"
}
]
},

6
CVE-2022/CVE-2022-45xx/CVE-2022-4557.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4557",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-02-12T04:15:19.160",
"lastModified": "2023-03-26T20:15:08.607",
"vulnStatus": "Modified",
"lastModified": "2023-06-23T16:19:52.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-89"
}
]
},

14
CVE-2022/CVE-2022-461xx/CVE-2022-46145.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46145",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-02T18:15:12.790",
"lastModified": "2022-12-06T12:23:25.720",
"lastModified": "2023-06-23T17:54:04.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

18
CVE-2022/CVE-2022-461xx/CVE-2022-46172.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46172",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-28T07:15:07.833",
"lastModified": "2023-01-06T17:36:08.337",
"lastModified": "2023-06-23T16:28:20.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -68,6 +68,20 @@
"value": "CWE-287"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [

4
CVE-2022/CVE-2022-463xx/CVE-2022-46333.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46333",
"sourceIdentifier": "security@proofpoint.com",
"published": "2022-12-06T20:15:10.690",
"lastModified": "2022-12-09T14:18:59.000",
"lastModified": "2023-06-23T17:55:17.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-77"
"value": "CWE-94"
}
]
},

4
CVE-2022/CVE-2022-463xx/CVE-2022-46355.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46355",
"sourceIdentifier": "productcert@siemens.com",
"published": "2022-12-13T16:15:25.977",
"lastModified": "2022-12-16T15:17:51.623",
"lastModified": "2023-06-23T17:49:07.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-200"
}
]
},

4
CVE-2022/CVE-2022-46xx/CVE-2022-4613.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4613",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-12-19T15:15:10.520",
"lastModified": "2022-12-23T21:14:23.177",
"lastModified": "2023-06-23T17:45:50.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-46xx/CVE-2022-4683.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4683",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-12-23T12:15:08.627",
"lastModified": "2022-12-30T22:22:35.913",
"lastModified": "2023-06-23T17:14:58.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -63,7 +63,7 @@
"description": [
{
"lang": "en",
"value": "CWE-319"
"value": "CWE-311"
}
]
},

14
CVE-2022/CVE-2022-46xx/CVE-2022-4686.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4686",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-12-23T12:15:11.110",
"lastModified": "2022-12-30T22:19:23.310",
"lastModified": "2023-06-23T16:55:23.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -58,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-46xx/CVE-2022-4693.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4693",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-23T15:15:16.190",
"lastModified": "2023-01-31T17:00:24.180",
"lastModified": "2023-06-23T16:11:34.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

8
CVE-2022/CVE-2022-470xx/CVE-2022-47075.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47075",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T23:15:11.317",
"lastModified": "2023-03-06T14:47:01.873",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-23T17:15:09.110",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,6 +65,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173093/Smart-Office-Web-20.28-Information-Disclosure-Insecure-Direct-Object-Reference.html",
"source": "cve@mitre.org"
},
{
"url": "https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/",
"source": "cve@mitre.org",

8
CVE-2022/CVE-2022-470xx/CVE-2022-47076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47076",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-28T23:15:11.390",
"lastModified": "2023-03-06T14:42:59.723",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-23T17:15:09.180",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,6 +65,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173093/Smart-Office-Web-20.28-Information-Disclosure-Insecure-Direct-Object-Reference.html",
"source": "cve@mitre.org"
},
{
"url": "https://cvewalkthrough.com/smart-office-suite-cve-2022-47076-cve-2022-47075/",
"source": "cve@mitre.org",

18
CVE-2022/CVE-2022-471xx/CVE-2022-47196.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47196",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-01-19T18:15:14.380",
"lastModified": "2023-01-25T19:53:46.060",
"lastModified": "2023-06-23T16:11:01.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -58,8 +58,22 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1188"
},
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-479xx/CVE-2022-47935.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47935",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-01-10T12:15:23.830",
"lastModified": "2023-01-17T16:21:50.610",
"lastModified": "2023-06-23T16:10:38.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-49xx/CVE-2022-4927.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4927",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-03-05T20:15:08.873",
"lastModified": "2023-03-13T16:45:59.253",
"lastModified": "2023-06-23T17:18:06.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -88,7 +88,7 @@
"description": [
{
"lang": "en",
"value": "CWE-601"
"value": "NVD-CWE-Other"
}
]
},

64
CVE-2023/CVE-2023-254xx/CVE-2023-25434.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-25434",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.337",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T16:25:42.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libtiff:libtiff:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5A5F7CB4-EB47-441F-AC8A-ACF688CA702D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/519",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

66
CVE-2023/CVE-2023-269xx/CVE-2023-26965.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-26965",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.483",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T16:35:15.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.5.0",
"matchCriteriaId": "A17B02C6-10A4-4AAF-9D59-BEA968264451"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/472",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

6
CVE-2023/CVE-2023-275xx/CVE-2023-27585.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-27585",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-03-14T17:15:19.587",
"lastModified": "2023-04-19T01:15:07.200",
"lastModified": "2023-06-23T16:15:09.087",
"vulnStatus": "Modified",
"descriptions": [
{
@ -115,6 +115,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00020.html",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5438",
"source": "security-advisories@github.com"
},
{
"url": "https://www.pjsip.org/pjlib-util/docs/html/group__PJ__DNS__RESOLVER.htm",
"source": "security-advisories@github.com",

16
CVE-2023/CVE-2023-29xx/CVE-2023-2986.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-2986",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-08T02:15:09.217",
"lastModified": "2023-06-19T18:15:09.577",
"lastModified": "2023-06-23T16:15:09.193",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, which users are typically customers."
"value": "The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated attackers to log in as users who have abandoned the cart, who are typically customers. Further security hardening was introduced in version 5.15.1 that ensures sites are no longer vulnerable through historical check-out links, and additional hardening was introduced in version 5.15.2 that ensured null key values wouldn't permit the authentication bypass."
}
],
"metrics": {
@ -86,11 +86,11 @@
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172966/WordPress-Abandoned-Cart-Lite-For-WooCommerce-5.14.2-Authentication-Bypass.html",
"url": "https://github.com/Ayantaker/CVE-2023-2986",
"source": "security@wordfence.com"
},
{
"url": "http://packetstormsecurity.com/files/173018/WordPress-Abandoned-Cart-Lite-For-WooCommerce-5.14.2-Authentication-Bypass.html",
"url": "https://github.com/TycheSoftwares/woocommerce-abandoned-cart/pull/885#issuecomment-1601813615",
"source": "security@wordfence.com"
},
{
@ -114,6 +114,14 @@
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2925274%40woocommerce-abandoned-cart&new=2925274%40woocommerce-abandoned-cart&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/blog/2023/06/tyche-softwares-addresses-authentication-bypass-vulnerability-in-abandoned-cart-lite-for-woocommerce-wordpress-plugin/",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/68052614-204f-4237-af0e-4b8210ebd59f?source=cve",
"source": "security@wordfence.com",

63
CVE-2023/CVE-2023-301xx/CVE-2023-30150.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-30150",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.557",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:36:03.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leoajax.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leotheme:leocustomajax:1.0.0:*:*:*:*:prestashop:*:*",
"matchCriteriaId": "C7D839DA-88CF-4571-9BCF-9E54EAD1AE78"
}
]
}
]
}
],
"references": [
{
"url": "https://friends-of-presta.github.io/security-advisories/module/2023/06/06/leocustomajax.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-316xx/CVE-2023-31671.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-31671",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T18:15:09.573",
"lastModified": "2023-06-14T18:20:18.790",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:54:22.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess()."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webbax:postfinance:*:*:*:*:*:prestashop:*:*",
"versionEndExcluding": "17.1.14",
"matchCriteriaId": "E006D417-55B3-4FFC-B0C9-DF62479993DE"
}
]
}
]
}
],
"references": [
{
"url": "https://friends-of-presta.github.io/security-advisories/modules/2023/06/13/postfinance.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://shop.webbax.ch/modules-de-paiement/123-module-postfinance.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

88
CVE-2023/CVE-2023-33xx/CVE-2023-3391.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3391",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-23T16:15:09.693",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file detailview.php. The manipulation of the argument employeeid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232288."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/mohdkey/Human-Resource-Management-System/blob/main/Human%20Resource%20Management%20System%20detailview.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.232288",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.232288",
"source": "cna@vuldb.com"
}
]
}

81
CVE-2023/CVE-2023-342xx/CVE-2023-34253.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34253",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-14T23:15:11.037",
"lastModified": "2023-06-15T12:39:17.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:48:02.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,26 +80,61 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.7.42",
"matchCriteriaId": "758F84B9-A2EC-45D8-86DD-B309DB02B9AE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/getgrav/grav/blob/1.7.40/system/src/Grav/Common/Utils.php#L1952-L2190",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/getgrav/grav/commit/71bbed12f950de8335006d7f91112263d8504f1b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/getgrav/grav/security/advisories/GHSA-j3v8-v77f-fvgm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://huntr.dev/bounties/3ef640e6-9e25-4ecb-8ec1-64311d63fe66/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.github.com/getgrav/grav/commit/9d6a2dba09fd4e56f5cdfb9a399caea355bfeb83",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
}
]
}

8
CVE-2023/CVE-2023-343xx/CVE-2023-34362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T14:15:09.487",
"lastModified": "2023-06-20T15:39:41.640",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-23T17:15:09.243",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-06-02",
"cisaActionDue": "2023-06-23",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -132,6 +132,10 @@
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/173110/MOVEit-SQL-Injection.html",
"source": "cve@mitre.org"
},
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023",
"source": "cve@mitre.org",

71
CVE-2023/CVE-2023-344xx/CVE-2023-34465.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-34465",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T16:15:09.303",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in version 11.8-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.2, `Mail.MailConfig` can be edited by any logged-in user by default. Consequently, they can change the mail obfuscation configuration and view and edit the mail sending configuration, including the smtp domain name and credentials. The problem has been patched in XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, the rights of the `Mail.MailConfig` page can be manually updated so that only a set of trusted users can view, edit and delete it (e.g., the `XWiki.XWikiAdminGroup` group)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/8910b8857d3442d2e8142f655fdc0512930354d1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/d28d7739089e1ae8961257d9da7135d1a01cb7d4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g75c-cjr6-39mc",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20519",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20671",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-344xx/CVE-2023-34466.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-34466",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T16:15:09.393",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 5.0-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, tags from pages not viewable to the current user are leaked by the tags API. This information can also be exploited to infer the document reference of non-viewable pages. This vulnerability has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7f2f-pcv3-j2r7",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20002",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-344xx/CVE-2023-34467.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-34467",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.310",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in version 3.5-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, the mail obfuscation configuration was not fully taken into account. While the mail displayed to the end user was obfuscated, the rest response was also containing the mail unobfuscated and users were able to filter and sort on the unobfuscated, allowing them to infer the mail content. The consequence was the possibility to retrieve the email addresses of all users even when obfuscated. This has been patched in XWiki 14.4.8, 14.10.4, and 15.0-rc-1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-402"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/71f889db9962df2d385f4298e29cfbc9050b828a#diff-5a739e5865b1f1ad9d79b724791be51b0095a0170cc078911c940478b13b949a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-7vr7-cghh-ch63",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20333",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2023/CVE-2023-345xx/CVE-2023-34565.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34565",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.867",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T16:32:00.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Netbox 3.5.1 is vulnerable to Cross Site Scripting (XSS) in the \"Create Wireless LAN Groups\" function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netbox_project:netbox:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC83B0FC-B189-4C58-9CD6-E6EB667635A9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/grayfullbuster0804/netbox/issues/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34617.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34617",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.233",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T16:16:08.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered genson thru 1.6 allows attackers to cause a denial of service or other unspecified impacts via crafted object that uses cyclic dependencies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genson_project:genson:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.6",
"matchCriteriaId": "B249C707-CB88-40D4-BA9D-0A49E78759D7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/owlike/genson/issues/191",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-348xx/CVE-2023-34823.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34823",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.750",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:28:17.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "fdkaac before 1.0.5 was discovered to contain a stack overflow in read_callback function in src/main.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fdkaac_project:fdkaac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "97D36EF0-479D-41D1-9AC7-D67FAEE70E5B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nu774/fdkaac/issues/55",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-348xx/CVE-2023-34824.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34824",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:10.790",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:18:09.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "fdkaac before 1.0.5 was discovered to contain a heap buffer overflow in caf_info function in caf_reader.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fdkaac_project:fdkaac:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.5",
"matchCriteriaId": "97D36EF0-479D-41D1-9AC7-D67FAEE70E5B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nu774/fdkaac/issues/55",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-351xx/CVE-2023-35142.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-35142",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:11.897",
"lastModified": "2023-06-14T15:30:58.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:42:10.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:checkmarx:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "2023.4.3",
"matchCriteriaId": "227F26DC-80AC-4F72-9421-D723DE97FF01"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/5",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2870",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-351xx/CVE-2023-35146.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-35146",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.117",
"lastModified": "2023-06-14T15:30:58.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:41:06.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Template Workflows Plugin 41.v32d86a_313b_4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create jobs."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:template_workflows:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "41.v32d86a_313b_4a",
"matchCriteriaId": "D8F8E2FE-810F-4DC1-B76C-9F7CE6C7D61A"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/5",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3166",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-351xx/CVE-2023-35149.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-35149",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.277",
"lastModified": "2023-06-14T15:30:58.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T17:32:50.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:digital.ai_app_management_publisher:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "2.6",
"matchCriteriaId": "31136FAA-31BD-4EA7-90BA-7CB4E6989737"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/5",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-351xx/CVE-2023-35150.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-35150",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.380",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 2.40m-2 and prior to versions 14.4.8, 14.10.4, and 15.0, any user with view rights on any document can execute code with programming rights, leading to remote code execution by crafting an url with a dangerous payload. The problem has been patched in XWiki 15.0, 14.10.4 and 14.4.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/b65220a4d86b8888791c3b643074ebca5c089a3a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-6mf5-36v9-3h2w",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20285",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-351xx/CVE-2023-35151.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-35151",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.457",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in version 7.3-milestone-1 and prior to versions 14.4.8, 14.10.6, and 15.1, ny user can call a REST endpoint and obtain the obfuscated passwords, even when the mail obfuscation is activated. The issue has been patched in XWiki 14.4.8, 14.10.6, and 15.1. There is no known workaround."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-359"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/824cd742ecf5439971247da11bfe7e0ad2b10ede",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8g9c-c9cm-9c56",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-16138",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2023/CVE-2023-351xx/CVE-2023-35152.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-35152",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.533",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in version 12.9-rc-1 and prior to versions 14.4.8, 14.10.6, and 15.1, any logged in user can add dangerous content in their first name field and see it executed with programming rights. Leading to rights escalation. The vulnerability has been fixed on XWiki 14.4.8, 14.10.6, and 15.1. As a workaround, one may apply the patch manually."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-95"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/0993a7ab3c102f9ac37ffe361a83a3dc302c0e45#diff-0b51114cb27f7a5c599cf40c59d658eae6ddc5c0836532c3b35e163f40a4854fR39",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rf8j-q39g-7xfm",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-19900",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20611",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-359xx/CVE-2023-35925.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-35925",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T16:15:09.477",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "FastAsyncWorldEdit (FAWE) is designed for efficient world editing. This vulnerability enables the attacker to select a region with the `Infinity` keyword (case-sensitive!) and executes any operation. This has a possibility of bringing the performing server down. This issue has been fixed in version 2.6.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://github.com/IntellectualSites/FastAsyncWorldEdit/pull/2285",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/IntellectualSites/FastAsyncWorldEdit/releases/tag/2.6.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/IntellectualSites/FastAsyncWorldEdit/security/advisories/GHSA-whj9-m24x-qhhp",
"source": "security-advisories@github.com"
}
]
}

20
CVE-2023/CVE-2023-362xx/CVE-2023-36284.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36284",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T16:15:09.573",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameter date_from, date_to, and id_product allows a remote attacker to bypass a web application's authentication and authorization mechanisms and retrieve the contents of an entire database."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Time-Based-SQL-injection-in-QloApps-1-6-0-0-be3ed1bdaf784a77b45dc6898a2de17e?pvs=4",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-362xx/CVE-2023-36287.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36287",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T16:15:09.630",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST controller parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Cross-site-scripting-via-controller-parameter-in-QloApps-1-6-0-97e409ce164f40d195b625b9bf719900?pvs=4",
"source": "cve@mitre.org"
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-23T16:00:27.253113+00:00
2023-06-23T18:00:29.230291+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-23T15:49:09.940000+00:00
2023-06-23T17:59:57.060000+00:00
```
### Last Data Feed Release
@ -29,44 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218381
218391
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `10`
* [CVE-2022-47614](CVE-2022/CVE-2022-476xx/CVE-2022-47614.json) (`2023-06-23T15:15:08.983`)
* [CVE-2023-23679](CVE-2023/CVE-2023-236xx/CVE-2023-23679.json) (`2023-06-23T15:15:09.063`)
* [CVE-2023-34464](CVE-2023/CVE-2023-344xx/CVE-2023-34464.json) (`2023-06-23T15:15:09.200`)
* [CVE-2023-36271](CVE-2023/CVE-2023-362xx/CVE-2023-36271.json) (`2023-06-23T15:15:10.027`)
* [CVE-2023-36272](CVE-2023/CVE-2023-362xx/CVE-2023-36272.json) (`2023-06-23T15:15:10.103`)
* [CVE-2023-36273](CVE-2023/CVE-2023-362xx/CVE-2023-36273.json) (`2023-06-23T15:15:10.160`)
* [CVE-2023-36274](CVE-2023/CVE-2023-362xx/CVE-2023-36274.json) (`2023-06-23T15:15:10.213`)
* [CVE-2023-36288](CVE-2023/CVE-2023-362xx/CVE-2023-36288.json) (`2023-06-23T15:15:10.323`)
* [CVE-2023-36289](CVE-2023/CVE-2023-362xx/CVE-2023-36289.json) (`2023-06-23T15:15:10.537`)
* [CVE-2023-34465](CVE-2023/CVE-2023-344xx/CVE-2023-34465.json) (`2023-06-23T16:15:09.303`)
* [CVE-2023-34466](CVE-2023/CVE-2023-344xx/CVE-2023-34466.json) (`2023-06-23T16:15:09.393`)
* [CVE-2023-35925](CVE-2023/CVE-2023-359xx/CVE-2023-35925.json) (`2023-06-23T16:15:09.477`)
* [CVE-2023-36284](CVE-2023/CVE-2023-362xx/CVE-2023-36284.json) (`2023-06-23T16:15:09.573`)
* [CVE-2023-36287](CVE-2023/CVE-2023-362xx/CVE-2023-36287.json) (`2023-06-23T16:15:09.630`)
* [CVE-2023-3391](CVE-2023/CVE-2023-33xx/CVE-2023-3391.json) (`2023-06-23T16:15:09.693`)
* [CVE-2023-34467](CVE-2023/CVE-2023-344xx/CVE-2023-34467.json) (`2023-06-23T17:15:09.310`)
* [CVE-2023-35150](CVE-2023/CVE-2023-351xx/CVE-2023-35150.json) (`2023-06-23T17:15:09.380`)
* [CVE-2023-35151](CVE-2023/CVE-2023-351xx/CVE-2023-35151.json) (`2023-06-23T17:15:09.457`)
* [CVE-2023-35152](CVE-2023/CVE-2023-351xx/CVE-2023-35152.json) (`2023-06-23T17:15:09.533`)
### CVEs modified in the last Commit
Recently modified CVEs: `16`
Recently modified CVEs: `34`
* [CVE-2023-25978](CVE-2023/CVE-2023-259xx/CVE-2023-25978.json) (`2023-06-23T14:42:31.170`)
* [CVE-2023-28303](CVE-2023/CVE-2023-283xx/CVE-2023-28303.json) (`2023-06-23T14:51:07.207`)
* [CVE-2023-33515](CVE-2023/CVE-2023-335xx/CVE-2023-33515.json) (`2023-06-23T14:58:35.857`)
* [CVE-2023-35143](CVE-2023/CVE-2023-351xx/CVE-2023-35143.json) (`2023-06-23T15:11:48.207`)
* [CVE-2023-27427](CVE-2023/CVE-2023-274xx/CVE-2023-27427.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-28751](CVE-2023/CVE-2023-287xx/CVE-2023-28751.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-29100](CVE-2023/CVE-2023-291xx/CVE-2023-29100.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-32580](CVE-2023/CVE-2023-325xx/CVE-2023-32580.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-3302](CVE-2023/CVE-2023-33xx/CVE-2023-3302.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-3303](CVE-2023/CVE-2023-33xx/CVE-2023-3303.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-3304](CVE-2023/CVE-2023-33xx/CVE-2023-3304.json) (`2023-06-23T15:14:22.530`)
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-06-23T15:15:09.137`)
* [CVE-2023-35840](CVE-2023/CVE-2023-358xx/CVE-2023-35840.json) (`2023-06-23T15:15:09.707`)
* [CVE-2023-35144](CVE-2023/CVE-2023-351xx/CVE-2023-35144.json) (`2023-06-23T15:18:22.670`)
* [CVE-2023-35145](CVE-2023/CVE-2023-351xx/CVE-2023-35145.json) (`2023-06-23T15:24:30.130`)
* [CVE-2023-35147](CVE-2023/CVE-2023-351xx/CVE-2023-35147.json) (`2023-06-23T15:30:53.490`)
* [CVE-2022-47076](CVE-2022/CVE-2022-470xx/CVE-2022-47076.json) (`2023-06-23T17:15:09.180`)
* [CVE-2022-4927](CVE-2022/CVE-2022-49xx/CVE-2022-4927.json) (`2023-06-23T17:18:06.220`)
* [CVE-2022-45910](CVE-2022/CVE-2022-459xx/CVE-2022-45910.json) (`2023-06-23T17:30:40.503`)
* [CVE-2022-4613](CVE-2022/CVE-2022-46xx/CVE-2022-4613.json) (`2023-06-23T17:45:50.137`)
* [CVE-2022-46355](CVE-2022/CVE-2022-463xx/CVE-2022-46355.json) (`2023-06-23T17:49:07.097`)
* [CVE-2022-25310](CVE-2022/CVE-2022-253xx/CVE-2022-25310.json) (`2023-06-23T17:50:23.680`)
* [CVE-2022-46145](CVE-2022/CVE-2022-461xx/CVE-2022-46145.json) (`2023-06-23T17:54:04.830`)
* [CVE-2022-46333](CVE-2022/CVE-2022-463xx/CVE-2022-46333.json) (`2023-06-23T17:55:17.323`)
* [CVE-2022-25371](CVE-2022/CVE-2022-253xx/CVE-2022-25371.json) (`2023-06-23T17:57:34.310`)
* [CVE-2022-25172](CVE-2022/CVE-2022-251xx/CVE-2022-25172.json) (`2023-06-23T17:59:57.060`)
* [CVE-2023-27585](CVE-2023/CVE-2023-275xx/CVE-2023-27585.json) (`2023-06-23T16:15:09.087`)
* [CVE-2023-2986](CVE-2023/CVE-2023-29xx/CVE-2023-2986.json) (`2023-06-23T16:15:09.193`)
* [CVE-2023-34617](CVE-2023/CVE-2023-346xx/CVE-2023-34617.json) (`2023-06-23T16:16:08.900`)
* [CVE-2023-25434](CVE-2023/CVE-2023-254xx/CVE-2023-25434.json) (`2023-06-23T16:25:42.077`)
* [CVE-2023-34565](CVE-2023/CVE-2023-345xx/CVE-2023-34565.json) (`2023-06-23T16:32:00.177`)
* [CVE-2023-26965](CVE-2023/CVE-2023-269xx/CVE-2023-26965.json) (`2023-06-23T16:35:15.000`)
* [CVE-2023-34362](CVE-2023/CVE-2023-343xx/CVE-2023-34362.json) (`2023-06-23T17:15:09.243`)
* [CVE-2023-34824](CVE-2023/CVE-2023-348xx/CVE-2023-34824.json) (`2023-06-23T17:18:09.090`)
* [CVE-2023-34823](CVE-2023/CVE-2023-348xx/CVE-2023-34823.json) (`2023-06-23T17:28:17.633`)
* [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2023-06-23T17:32:50.523`)
* [CVE-2023-30150](CVE-2023/CVE-2023-301xx/CVE-2023-30150.json) (`2023-06-23T17:36:03.973`)
* [CVE-2023-35146](CVE-2023/CVE-2023-351xx/CVE-2023-35146.json) (`2023-06-23T17:41:06.993`)
* [CVE-2023-35142](CVE-2023/CVE-2023-351xx/CVE-2023-35142.json) (`2023-06-23T17:42:10.913`)
* [CVE-2023-34253](CVE-2023/CVE-2023-342xx/CVE-2023-34253.json) (`2023-06-23T17:48:02.437`)
* [CVE-2023-31671](CVE-2023/CVE-2023-316xx/CVE-2023-31671.json) (`2023-06-23T17:54:22.977`)
## Download and Usage