diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46706.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46706.json index e9c0021d5e3..8d9169f1e40 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46706.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46706.json @@ -2,27 +2,175 @@ "id": "CVE-2022-46706", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.237", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:48:18.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A type confusion issue was addressed with improved state handling. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to execute arbitrary code with kernel privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-843" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*", + "matchCriteriaId": "A654B8A2-FC30-4171-B0BB-366CD7ED4B6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*", + "matchCriteriaId": "F12CC8B5-C1EB-419E-8496-B9A3864656AD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", + "matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*", + "matchCriteriaId": "7FD7176C-F4D1-43A7-9E49-BA92CA0D9980" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*", + "matchCriteriaId": "2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", + "matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", + "matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", + "matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", + "matchCriteriaId": "3456176F-9185-4EE2-A8CE-3D989D674AB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", + "matchCriteriaId": "D337EE21-2F00-484D-9285-F2B0248D7A19" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", + "matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", + "matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*", + "matchCriteriaId": "8E974DC6-F7D9-4389-9AF9-863F6E419CE6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*", + "matchCriteriaId": "156A6382-2BD3-4882-90B2-8E7CF6659E17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*", + "matchCriteriaId": "20A2FDB2-6712-406A-9896-C0B44508B07D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.0", + "versionEndExcluding": "11.6.5", + "matchCriteriaId": "BFCD1738-94C6-42DF-8699-BC96589F7221" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0.0", + "versionEndExcluding": "12.3", + "matchCriteriaId": "9422A022-F279-4596-BC97-3223611D73DC" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213183", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213184", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213185", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46722.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46722.json index 041cd3da597..dd55dc34968 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46722.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46722.json @@ -2,19 +2,83 @@ "id": "CVE-2022-46722", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.303", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:43:34.500", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.0", + "matchCriteriaId": "0A960726-1CF4-4E71-A1F7-2EA775D02DAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.0", + "versionEndExcluding": "13.0", + "matchCriteriaId": "2A54F5E4-E3E1-4F25-BDD8-64E0BDA06BE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213488", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46724.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46724.json index 6d5b57e185e..76762749d10 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46724.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46724.json @@ -2,19 +2,82 @@ "id": "CVE-2022-46724", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.360", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:43:43.330", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46725.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46725.json index 50733d57662..683fd48d05b 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46725.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46725.json @@ -2,19 +2,82 @@ "id": "CVE-2022-46725", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.420", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:43:53.407", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48503.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48503.json index b60d479029d..838251fb395 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48503.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48503.json @@ -2,35 +2,139 @@ "id": "CVE-2022-48503", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.490", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:42:35.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.6", + "matchCriteriaId": "5CB295E5-F980-40EC-AF3D-8D5739204C04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.6", + "matchCriteriaId": "F5E4F87A-8003-43EB-99F7-35C82AEA4DC0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.6", + "matchCriteriaId": "B6FA9FE3-1891-405C-B191-04CAB84ADD46" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0.0", + "versionEndExcluding": "12.5", + "matchCriteriaId": "F86C9DC9-3814-4254-A332-257455B6880A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.6", + "matchCriteriaId": "83FC1965-2381-49FF-9521-355D29B28B71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.7", + "matchCriteriaId": "8EB2AF3C-B2A0-41AD-9C3E-14B220620FF0" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213340", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213341", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213342", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213345", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213346", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27939.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27939.json index 6e221413ae2..bdc4f794849 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27939.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27939.json @@ -2,19 +2,77 @@ "id": "CVE-2023-27939", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.573", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:42:42.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27947.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27947.json index b26baa3587f..bff7cedab15 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27947.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27947.json @@ -2,19 +2,77 @@ "id": "CVE-2023-27947", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.637", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:42:22.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27948.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27948.json index 82ccf9865c5..85d3716875f 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27948.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27948.json @@ -2,19 +2,77 @@ "id": "CVE-2023-27948", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.710", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:42:48.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28179.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28179.json index 74b7de755ae..67056c0da58 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28179.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28179.json @@ -2,19 +2,77 @@ "id": "CVE-2023-28179", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.770", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:44:01.763", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted AppleScript binary may result in unexpected app termination or disclosure of process memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28198.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28198.json index 0a1adc7d073..0bbfadb5a13 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28198.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28198.json @@ -2,23 +2,97 @@ "id": "CVE-2023-28198", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.830", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:43:25.777", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28199.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28199.json index b41b4147061..de5266a9242 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28199.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28199.json @@ -2,19 +2,77 @@ "id": "CVE-2023-28199", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.893", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:42:57.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28479.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28479.json index eb33f6123ac..d52ade42afe 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28479.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28479.json @@ -2,19 +2,75 @@ "id": "CVE-2023-28479", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T14:15:09.770", - "lastModified": "2023-08-15T16:06:01.557", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:44:22.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph platform installs a full development toolchain within every TigerGraph deployment. An attacker is able to compile new executables on each Tigergraph system and modify system and Tigergraph binaries." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tigergraph:tigergraph:3.7.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "BA582564-26E0-465D-A957-0EFD55AC3D03" + } + ] + } + ] + } + ], "references": [ { "url": "https://neo4j.com/security/cve-2023-28479/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32358.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32358.json index e42f616936a..a913633a32a 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32358.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32358.json @@ -2,23 +2,99 @@ "id": "CVE-2023-32358", "sourceIdentifier": "product-security@apple.com", "published": "2023-08-14T23:15:10.957", - "lastModified": "2023-08-15T12:29:16.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:42:12.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-843" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.4", + "matchCriteriaId": "79A85DA3-B374-444F-B9A2-7E4F334C26DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.4", + "matchCriteriaId": "E33C3BC5-6CFC-4B58-8642-80A9FE00DB24" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38851.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38851.json index 067e8bf5559..69350246b76 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38851.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38851.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38851", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:10.603", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:45:27.833", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1018." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libxls_project:libxls:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "716193D2-B36C-4AED-BB10-43E8E89E2E0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libxls/libxls/issues/124", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38852.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38852.json index e594f968465..3588d5b2993 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38852.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38852.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38852", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:10.760", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:43:18.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the unicode_decode_wcstombs function in xlstool.c:266." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libxls_project:libxls:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "716193D2-B36C-4AED-BB10-43E8E89E2E0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libxls/libxls/issues/124", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38853.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38853.json index 63a23b6b9f5..93c228b7620 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38853.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38853.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38853", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:10.897", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:45:35.180", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the xls_parseWorkBook function in xls.c:1015." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libxls_project:libxls:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "716193D2-B36C-4AED-BB10-43E8E89E2E0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libxls/libxls/issues/124", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38854.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38854.json index ffd3876be96..4acba95cd49 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38854.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38854.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38854", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:11.047", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:45:44.393", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the transcode_latin1_to_utf8 function in xlstool.c:296." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libxls_project:libxls:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "716193D2-B36C-4AED-BB10-43E8E89E2E0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libxls/libxls/issues/124", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38855.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38855.json index cb63ae0c2ca..0360720165c 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38855.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38855.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38855", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:11.153", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:45:53.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:395." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libxls_project:libxls:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "716193D2-B36C-4AED-BB10-43E8E89E2E0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libxls/libxls/issues/124", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38856.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38856.json index ef3249e0bc1..370e84c5179 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38856.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38856.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38856", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:11.270", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:46:02.807", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted XLS file to the get_string function in xlstool.c:411." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libxls_project:libxls:1.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "716193D2-B36C-4AED-BB10-43E8E89E2E0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/libxls/libxls/issues/124", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38857.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38857.json index 920e44c82d4..a6926cd8448 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38857.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38857.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38857", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:11.420", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:46:29.767", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:faad2_project:faad2:2.10.1:*:*:*:*:*:*:*", + "matchCriteriaId": "49A2F342-2F20-4146-8972-7FFE7B524B0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/knik0/faad2/issues/171", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38858.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38858.json index 7ee26138a2b..2e9fa23a6bd 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38858.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38858.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38858", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T17:15:11.597", - "lastModified": "2023-08-15T17:15:41.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-19T00:46:47.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the mp4info function in mp4read.c:1039." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:faad2_project:faad2:2.10.1:*:*:*:*:*:*:*", + "matchCriteriaId": "49A2F342-2F20-4146-8972-7FFE7B524B0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/knik0/faad2/issues/173", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json index 3d130f71375..463d34bda31 100644 --- a/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3997.json @@ -2,12 +2,12 @@ "id": "CVE-2023-3997", "sourceIdentifier": "prodsec@splunk.com", "published": "2023-07-31T17:15:10.110", - "lastModified": "2023-08-04T17:09:13.420", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-19T01:15:09.100", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability accessed through the user\u2019s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user\u2019s action." + "value": "Splunk SOAR versions lower than 6.1.0 are indirectly affected by a potential vulnerability accessed through the user\u2019s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal user\u2019s action." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-400xx/CVE-2023-40037.json b/CVE-2023/CVE-2023-400xx/CVE-2023-40037.json index e6f67092a4e..74c75ee82e7 100644 --- a/CVE-2023/CVE-2023-400xx/CVE-2023-40037.json +++ b/CVE-2023/CVE-2023-400xx/CVE-2023-40037.json @@ -2,7 +2,7 @@ "id": "CVE-2023-40037", "sourceIdentifier": "security@apache.org", "published": "2023-08-18T22:15:10.690", - "lastModified": "2023-08-18T22:15:10.690", + "lastModified": "2023-08-19T00:15:09.703", "vulnStatus": "Received", "descriptions": [ { @@ -24,6 +24,10 @@ } ], "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/08/18/2", + "source": "security@apache.org" + }, { "url": "https://lists.apache.org/thread/bqbjlrs2p5ghh8sbk5nsxb8xpf9l687q", "source": "security@apache.org" diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4432.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4432.json new file mode 100644 index 00000000000..5fba14fed1a --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4432.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-4432", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-08-19T01:15:09.290", + "lastModified": "2023-08-19T01:15:09.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/cockpit-hq/cockpit/commit/2a93d391fbd2dd9e730f65d43b29beb65903d195", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/69684663-6822-41ff-aa05-afbdb8f5268f", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4433.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4433.json new file mode 100644 index 00000000000..349591bf14f --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4433.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-4433", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-08-19T01:15:09.573", + "lastModified": "2023-08-19T01:15:09.573", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/cockpit-hq/cockpit/commit/36d1d4d256cbbab028342ba10cc493e5c119172c", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/64f3253d-6852-4b9f-b870-85e896007b1a", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index fff5cfc5605..fd08509d08a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-18T23:55:27.099738+00:00 +2023-08-19T02:00:28.796022+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-18T22:15:11.653000+00:00 +2023-08-19T01:15:09.573000+00:00 ``` ### Last Data Feed Release @@ -23,31 +23,50 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-08-18T00:00:13.596307+00:00 +2023-08-19T00:00:13.540076+00:00 ``` ### Total Number of included CVEs ```plain -223002 +223004 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `2` -* [CVE-2023-38839](CVE-2023/CVE-2023-388xx/CVE-2023-38839.json) (`2023-08-18T22:15:09.803`) -* [CVE-2023-40037](CVE-2023/CVE-2023-400xx/CVE-2023-40037.json) (`2023-08-18T22:15:10.690`) -* [CVE-2023-40172](CVE-2023/CVE-2023-401xx/CVE-2023-40172.json) (`2023-08-18T22:15:11.017`) -* [CVE-2023-40173](CVE-2023/CVE-2023-401xx/CVE-2023-40173.json) (`2023-08-18T22:15:11.127`) -* [CVE-2023-40174](CVE-2023/CVE-2023-401xx/CVE-2023-40174.json) (`2023-08-18T22:15:11.423`) -* [CVE-2023-40175](CVE-2023/CVE-2023-401xx/CVE-2023-40175.json) (`2023-08-18T22:15:11.653`) +* [CVE-2023-4432](CVE-2023/CVE-2023-44xx/CVE-2023-4432.json) (`2023-08-19T01:15:09.290`) +* [CVE-2023-4433](CVE-2023/CVE-2023-44xx/CVE-2023-4433.json) (`2023-08-19T01:15:09.573`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `23` +* [CVE-2022-48503](CVE-2022/CVE-2022-485xx/CVE-2022-48503.json) (`2023-08-19T00:42:35.700`) +* [CVE-2022-46722](CVE-2022/CVE-2022-467xx/CVE-2022-46722.json) (`2023-08-19T00:43:34.500`) +* [CVE-2022-46724](CVE-2022/CVE-2022-467xx/CVE-2022-46724.json) (`2023-08-19T00:43:43.330`) +* [CVE-2022-46725](CVE-2022/CVE-2022-467xx/CVE-2022-46725.json) (`2023-08-19T00:43:53.407`) +* [CVE-2022-46706](CVE-2022/CVE-2022-467xx/CVE-2022-46706.json) (`2023-08-19T00:48:18.847`) +* [CVE-2023-40037](CVE-2023/CVE-2023-400xx/CVE-2023-40037.json) (`2023-08-19T00:15:09.703`) +* [CVE-2023-32358](CVE-2023/CVE-2023-323xx/CVE-2023-32358.json) (`2023-08-19T00:42:12.697`) +* [CVE-2023-27947](CVE-2023/CVE-2023-279xx/CVE-2023-27947.json) (`2023-08-19T00:42:22.560`) +* [CVE-2023-27939](CVE-2023/CVE-2023-279xx/CVE-2023-27939.json) (`2023-08-19T00:42:42.367`) +* [CVE-2023-27948](CVE-2023/CVE-2023-279xx/CVE-2023-27948.json) (`2023-08-19T00:42:48.767`) +* [CVE-2023-28199](CVE-2023/CVE-2023-281xx/CVE-2023-28199.json) (`2023-08-19T00:42:57.233`) +* [CVE-2023-38852](CVE-2023/CVE-2023-388xx/CVE-2023-38852.json) (`2023-08-19T00:43:18.217`) +* [CVE-2023-28198](CVE-2023/CVE-2023-281xx/CVE-2023-28198.json) (`2023-08-19T00:43:25.777`) +* [CVE-2023-28179](CVE-2023/CVE-2023-281xx/CVE-2023-28179.json) (`2023-08-19T00:44:01.763`) +* [CVE-2023-28479](CVE-2023/CVE-2023-284xx/CVE-2023-28479.json) (`2023-08-19T00:44:22.157`) +* [CVE-2023-38851](CVE-2023/CVE-2023-388xx/CVE-2023-38851.json) (`2023-08-19T00:45:27.833`) +* [CVE-2023-38853](CVE-2023/CVE-2023-388xx/CVE-2023-38853.json) (`2023-08-19T00:45:35.180`) +* [CVE-2023-38854](CVE-2023/CVE-2023-388xx/CVE-2023-38854.json) (`2023-08-19T00:45:44.393`) +* [CVE-2023-38855](CVE-2023/CVE-2023-388xx/CVE-2023-38855.json) (`2023-08-19T00:45:53.857`) +* [CVE-2023-38856](CVE-2023/CVE-2023-388xx/CVE-2023-38856.json) (`2023-08-19T00:46:02.807`) +* [CVE-2023-38857](CVE-2023/CVE-2023-388xx/CVE-2023-38857.json) (`2023-08-19T00:46:29.767`) +* [CVE-2023-38858](CVE-2023/CVE-2023-388xx/CVE-2023-38858.json) (`2023-08-19T00:46:47.003`) +* [CVE-2023-3997](CVE-2023/CVE-2023-39xx/CVE-2023-3997.json) (`2023-08-19T01:15:09.100`) ## Download and Usage