admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-05T18:00:24.352498+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-05 20:00:27 +02:00
parent 9d7ffedd88
commit 1354192212
40 changed files with 2759 additions and 165 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
CVE-2012/CVE-2012-58xx/CVE-2012-5872.json Normal file
View File

@ -0,0 +1,97 @@
{
"id": "CVE-2012-5872",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T00:15:08.857",
"lastModified": "2023-05-05T17:29:16.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arc2_project:arc2:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2011-12-01",
"matchCriteriaId": "13F5C4DA-E912-4B4D-B969-C94D8E827292"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

95
CVE-2020/CVE-2020-47xx/CVE-2020-4729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-4729",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T02:15:08.697",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:22:10.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,73 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188052",
"source": "psirt@us.ibm.com"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.ibm.com/support/pages/node/6985595",
"source": "psirt@us.ibm.com"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7.0.00",
"versionEndExcluding": "5.7.0.11",
"matchCriteriaId": "0AEFA29E-F86F-464B-BC44-F1E4C28264DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0.00",
"versionEndExcluding": "6.0.0.08",
"matchCriteriaId": "358ECF1F-535B-4450-9AF4-2F69CB706331"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.0.00",
"versionEndExcluding": "6.1.0.06",
"matchCriteriaId": "49094F58-A35E-460A-A64D-6380FEBF16C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0.00",
"versionEndExcluding": "6.2.1.01",
"matchCriteriaId": "DE0C4698-110B-4296-A661-65501DE5472A"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/188052",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6985595",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

209
CVE-2020/CVE-2020-85xx/CVE-2020-8597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-8597",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-02-03T23:15:11.387",
"lastModified": "2020-08-11T19:15:17.423",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-05T17:48:17.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -77,6 +77,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -92,44 +93,165 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:pfc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "03.04.10\\(16\\)",
"matchCriteriaId": "8C3DA645-3F47-4B59-B56B-AB16431D0950"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:pfc100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F636354-95A2-4B36-9666-1FA57F185432"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:pfc200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "688A3248-7EAA-499D-A47C-A4D4900CDBD1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00006.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://packetstormsecurity.com/files/156662/pppd-2.4.8-Buffer-Overflow.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/156802/pppd-2.4.8-Buffer-Overflow.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2020/Mar/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2020:0630",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2020:0631",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2020:0633",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2020:0634",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-809841.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426",
@ -141,51 +263,92 @@
},
{
"url": "https://kb.netgear.com/000061806/Security-Advisory-for-Unauthenticated-Remote-Buffer-Overflow-Attack-in-PPPD-on-WAC510-PSV-2020-0136",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00005.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNJNHWOO4XF73M2W56ILZUY4JQG3JXIR/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YOFDAIOWSWPG732ASYUZNINMXDHY4APE/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202003-19",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20200313-0004/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-224-04",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://usn.ubuntu.com/4288-1/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/4288-2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2020/dsa-4632",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.kb.cert.org/vuls/id/782301",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.synology.com/security/advisory/Synology_SA_20_02",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

22
CVE-2021/CVE-2021-274xx/CVE-2021-27452.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-27452",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2021-03-25T20:15:13.227",
"lastModified": "2021-03-29T17:36:06.197",
"lastModified": "2023-05-05T17:00:28.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
@ -43,17 +43,17 @@
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "NETWORK",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0
"baseScore": 7.2
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,

6
CVE-2022/CVE-2022-01xx/CVE-2022-0108.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0108",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2022-02-12T00:15:07.660",
"lastModified": "2023-05-03T21:15:09.783",
"lastModified": "2023-05-05T17:15:09.343",
"vulnStatus": "Modified",
"descriptions": [
{
@ -157,6 +157,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQJB6ZPRLKV6WCMX2PRRRQBFAOXFBK6B/",
"source": "chrome-cve-admin@google.com",

4
CVE-2022/CVE-2022-439xx/CVE-2022-43919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43919",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:09.480",
"lastModified": "2023-05-05T15:15:09.480",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

63
CVE-2022/CVE-2022-484xx/CVE-2022-48481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48481",
"sourceIdentifier": "security@jetbrains.com",
"published": "2023-04-28T10:15:09.130",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:26:17.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security@jetbrains.com",
"type": "Secondary",
@ -46,10 +66,43 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:toolbox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.28",
"matchCriteriaId": "CD93008D-A730-4889-9DD2-DB3AFB0A9E73"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-19xx/CVE-2023-1967.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-1967",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T22:15:09.187",
"lastModified": "2023-04-28T12:58:13.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:14:43.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -23,10 +56,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-115-01",
"source": "ics-cert@hq.dhs.gov"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:keysight:n8844a:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.1.7351",
"matchCriteriaId": "4A1836E6-7210-40CE-AC6E-9276AFD17774"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-115-01",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

57
CVE-2023/CVE-2023-226xx/CVE-2023-22665.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-22665",
"sourceIdentifier": "security@apache.org",
"published": "2023-04-25T07:15:08.137",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:15:38.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There is insufficient checking of user queries in Apache Jena versions 4.7.0 and earlier, when invoking custom scripts. It allows a remote user to execute arbitrary javascript via a SPARQL query."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,10 +46,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://lists.apache.org/thread/s0dmpsxcwqs57l4qfs415klkgmhdxq7s",
"source": "security@apache.org"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:jena:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8.0",
"matchCriteriaId": "BCB08D46-F833-446E-A76D-E11F3F55F481"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/s0dmpsxcwqs57l4qfs415klkgmhdxq7s",
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Mailing List"
]
}
]
}

4
CVE-2023/CVE-2023-228xx/CVE-2023-22874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22874",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:09.567",
"lastModified": "2023-05-05T15:15:09.567",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

63
CVE-2023/CVE-2023-23xx/CVE-2023-2322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2322",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-27T09:15:09.927",
"lastModified": "2023-04-27T09:15:09.927",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:07:09.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/pimcore/pimcore/commit/9fc674892b8b53103098b9524705074a45e7f773",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.dev/bounties/f7228f3f-3bef-46fe-b0e3-56c432048a67",
"source": "security@huntr.dev"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.21",
"matchCriteriaId": "72C537D6-67BA-4562-B853-F99E6C14315C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/9fc674892b8b53103098b9524705074a45e7f773",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/f7228f3f-3bef-46fe-b0e3-56c432048a67",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

63
CVE-2023/CVE-2023-23xx/CVE-2023-2323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2323",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-27T09:15:10.007",
"lastModified": "2023-04-27T09:15:10.007",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:05:58.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/pimcore/pimcore/commit/e88fa79de7b5903fb58ddbc231130b04d937d79e",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.dev/bounties/41edf190-f6bf-4a29-a237-7ff1b2d048d3",
"source": "security@huntr.dev"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.21",
"matchCriteriaId": "72C537D6-67BA-4562-B853-F99E6C14315C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/e88fa79de7b5903fb58ddbc231130b04d937d79e",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/41edf190-f6bf-4a29-a237-7ff1b2d048d3",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

63
CVE-2023/CVE-2023-23xx/CVE-2023-2356.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2356",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-28T00:15:08.890",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:17:38.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896",
"source": "security@huntr.dev"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.1",
"matchCriteriaId": "9D848560-15B3-4F3C-BB4D-A847948CE1EC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

63
CVE-2023/CVE-2023-23xx/CVE-2023-2360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2360",
"sourceIdentifier": "security@acronis.com",
"published": "2023-04-28T12:15:09.820",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:54:49.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4215",
"source": "security@acronis.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.2.0-135",
"matchCriteriaId": "32CC6362-8BB7-45EA-B0D9-AB9CDF786FC6"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4215",
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-253xx/CVE-2023-25358.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25358",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-03-02T15:15:10.370",
"lastModified": "2023-05-01T06:15:13.963",
"lastModified": "2023-05-05T17:15:09.463",
"vulnStatus": "Modified",
"descriptions": [
{
@ -105,6 +105,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-262xx/CVE-2023-26285.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-26285",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T16:15:09.300",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248418",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6986563",
"source": "psirt@us.ibm.com"
}
]
}

72
CVE-2023/CVE-2023-275xx/CVE-2023-27556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27556",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T01:15:06.967",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:20:33.150",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.0.00",
"versionEndExcluding": "6.3.1.04",
"matchCriteriaId": "BE0EAC73-2C1A-4303-AAA4-515C4B25ACDA"
},
{
"url": "https://https://www.ibm.com/support/pages/node/6985601",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0.00",
"versionEndExcluding": "6.4.2.03",
"matchCriteriaId": "A5BD5489-C3E5-4BB6-8142-C900E735464E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*",
"matchCriteriaId": "727697D8-022F-4C78-8BD2-27548DA1F70D"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249190",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6985601?_ga=2.43419744.496803297.1683030163-785517468.1677620719",
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-275xx/CVE-2023-27557.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27557",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T02:15:08.910",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:22:40.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,66 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249192",
"source": "psirt@us.ibm.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.0.00",
"versionEndExcluding": "6.1.1.03",
"matchCriteriaId": "2FD3EAC9-EF52-41AC-A784-F8AA19D97C3C"
},
{
"url": "https://www.ibm.com/support/pages/node/6985603",
"source": "psirt@us.ibm.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0.00",
"versionEndExcluding": "6.2.2.03",
"matchCriteriaId": "47F2E960-5FB2-4A7C-A8E3-D89E7C390D6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.0.00",
"versionEndExcluding": "6.3.1.03",
"matchCriteriaId": "88AA28EC-168B-4228-84F5-D4060EC65308"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0.00",
"versionEndExcluding": "6.4.2.02",
"matchCriteriaId": "0BD2F86A-17C0-4B3A-943E-F8DBD44A5141"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:safer_payments:6.5.0.00:*:*:*:*:*:*:*",
"matchCriteriaId": "727697D8-022F-4C78-8BD2-27548DA1F70D"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249192",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6985603",
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-282xx/CVE-2023-28205.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28205",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-04-10T19:15:07.237",
"lastModified": "2023-05-03T21:15:18.837",
"lastModified": "2023-05-05T17:15:09.547",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-04-10",
"cisaActionDue": "2023-05-01",
@ -145,6 +145,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6QL5OGMSHRQ26FTYWZUXVNWB2VHOSVXK/",
"source": "product-security@apple.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KC7DMUX37BRCLAI4VPQYHDUVEGTNYN5A/",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213720",
"source": "product-security@apple.com",

20
CVE-2023/CVE-2023-296xx/CVE-2023-29659.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29659",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T16:15:09.387",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/strukturag/libheif/issues/794",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-299xx/CVE-2023-29932.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29932",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.633",
"lastModified": "2023-05-05T15:15:09.633",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-299xx/CVE-2023-29933.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29933",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.683",
"lastModified": "2023-05-05T15:15:09.683",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-299xx/CVE-2023-29934.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.733",
"lastModified": "2023-05-05T15:15:09.733",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-299xx/CVE-2023-29935.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29935",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.783",
"lastModified": "2023-05-05T15:15:09.783",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-299xx/CVE-2023-29939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29939",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.850",
"lastModified": "2023-05-05T15:15:09.850",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-299xx/CVE-2023-29941.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29941",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.917",
"lastModified": "2023-05-05T15:15:09.917",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-299xx/CVE-2023-29942.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29942",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.970",
"lastModified": "2023-05-05T15:15:09.970",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-300xx/CVE-2023-30053.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30053",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:10.020",
"lastModified": "2023-05-05T15:15:10.020",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-300xx/CVE-2023-30054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30054",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:10.070",
"lastModified": "2023-05-05T15:15:10.070",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

68
CVE-2023/CVE-2023-303xx/CVE-2023-30380.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-30380",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-27T22:15:09.917",
"lastModified": "2023-04-28T12:58:13.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:16:16.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/Howard512966/DedeCMS-v5.7.107-Directory-Traversal",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dedecms:dedecms:5.7.107:*:*:*:*:*:*:*",
"matchCriteriaId": "2686D296-F85A-49DE-9323-06E80784B9A2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Howard512966/DedeCMS-v5.7.107-Directory-Traversal",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-304xx/CVE-2023-30434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30434",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:10.117",
"lastModified": "2023-05-05T15:15:10.117",
"vulnStatus": "Received",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

600
CVE-2023/CVE-2023-304xx/CVE-2023-30466.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30466",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2023-04-28T11:15:08.987",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:27:07.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
},
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
@ -46,10 +76,570 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0121",
"source": "vdisclose@cert-in.org.in"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-uc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "BE1B2A5B-60C9-4A59-B55D-AC0094C3B1D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58261CC1-427F-4A52-A008-6B6716112BBF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-unc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "AFA4F551-2D31-4702-92D0-CAA5A13F129E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-unc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB41652-D278-4292-B7BB-7F070E361DAC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-uc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "09767926-CFFF-46FE-B4BF-6837B4EA8289"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE88C635-0150-480E-8A89-5A56BE05D61E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1004-uc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "67C8EA84-347F-489B-9D14-F5F0FD70CF3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1004-uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AE04A5-3029-4BEB-BDCE-3C0FAF39E31E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5016-e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "6942BA61-4138-4E0A-8752-7FDE859648BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5016-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DA6501-93EC-41A5-B282-C64C21F60B67"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "252CCDD9-ADDB-409D-9959-0C04EE22476B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8433B3-851C-4B85-98E9-BBC03F9DA4C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7016-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "5D7FA22E-4503-4BC8-B44B-95D07C76CE38"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7016-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F41EFC-32FD-4B45-96D0-99704EBBFDF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7032-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "6BB803FE-800A-4C0C-B3A2-360CAFF8404E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7032-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE84B357-0D42-4C10-A33C-E7800423417F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n8064-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "0795157C-5761-4B2F-8A0B-D517D1ECFB14"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n8064-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD889EAE-987D-42C2-9BCE-995583A47894"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n8032-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "4EA14E16-90BE-4C8D-A1CD-92A911B74692"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n8032-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62654248-D2A8-494C-847F-8AF636506F20"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1004-upc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "57B5543B-1734-4E8F-8836-1AFDA14B1558"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1004-upc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9672C3-28C3-4E9B-B30F-86B50EC5BC07"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-upc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "D2D27E22-9CCF-43CB-BBBB-4AFDC7201E1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-upc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E4CEB9-6C20-4071-9DAF-6D0DAA1FD1A4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-unpc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "D1F63759-80FE-4A56-8AE3-0F9B99112598"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-unpc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8B2388-7F07-4921-A87E-09D3B705A429"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-upc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "9E9E50A7-9795-4619-8C56-C1DB481E7706"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-upc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B49E7A8-3823-4BFE-9BC1-86BA575C85AC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5016-pe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "2EE2DD36-C16F-4308-80B2-829FEA43CF5D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5016-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98BCC15F-0126-436B-AD93-5485B0049051"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-pe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "05601450-3A08-4326-8884-03A93468FBA3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3BF03A-B2AD-40E9-8287-0A4BC78358FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7016-uph_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "C3A443C3-3520-4B85-AE5C-4230F4BF9067"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7016-uph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4781C7D-E014-4773-8066-2DC6564557DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7032-uph_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "3281A9A5-5838-4B16-8205-14FD64FB9E96"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7032-uph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A74207F3-9EEE-491D-AFDA-127A107DC40D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7048-uph_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "A77B9D2B-A8F5-4B4A-9D02-73F3E41AB0C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7048-uph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4B94E3-80EF-4A72-8069-15EAB4644D4C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-nxxxx-xxg_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "77.9.0.18-r2",
"matchCriteriaId": "1AD1E452-B123-4287-BF44-F6D241F10188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-nxxxx-xxt_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "72.9.0.18-r2",
"matchCriteriaId": "450E1C0E-B7D9-4913-B71B-8EBAB904BFA6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0121",
"source": "vdisclose@cert-in.org.in",
"tags": [
"Third Party Advisory"
]
}
]
}

600
CVE-2023/CVE-2023-304xx/CVE-2023-30467.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30467",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2023-04-28T11:15:09.040",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:57:32.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
@ -46,10 +76,570 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0121",
"source": "vdisclose@cert-in.org.in"
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-uc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "BE1B2A5B-60C9-4A59-B55D-AC0094C3B1D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58261CC1-427F-4A52-A008-6B6716112BBF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-unc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "AFA4F551-2D31-4702-92D0-CAA5A13F129E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-unc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFB41652-D278-4292-B7BB-7F070E361DAC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-uc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "09767926-CFFF-46FE-B4BF-6837B4EA8289"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE88C635-0150-480E-8A89-5A56BE05D61E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1004-uc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "67C8EA84-347F-489B-9D14-F5F0FD70CF3C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1004-uc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41AE04A5-3029-4BEB-BDCE-3C0FAF39E31E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5016-e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "6942BA61-4138-4E0A-8752-7FDE859648BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5016-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DA6501-93EC-41A5-B282-C64C21F60B67"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "252CCDD9-ADDB-409D-9959-0C04EE22476B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8433B3-851C-4B85-98E9-BBC03F9DA4C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7016-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "5D7FA22E-4503-4BC8-B44B-95D07C76CE38"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7016-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F41EFC-32FD-4B45-96D0-99704EBBFDF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7032-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "6BB803FE-800A-4C0C-B3A2-360CAFF8404E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7032-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE84B357-0D42-4C10-A33C-E7800423417F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n8064-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "0795157C-5761-4B2F-8A0B-D517D1ECFB14"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n8064-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD889EAE-987D-42C2-9BCE-995583A47894"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n8032-uh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "4EA14E16-90BE-4C8D-A1CD-92A911B74692"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n8032-uh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "62654248-D2A8-494C-847F-8AF636506F20"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1004-upc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "57B5543B-1734-4E8F-8836-1AFDA14B1558"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1004-upc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE9672C3-28C3-4E9B-B30F-86B50EC5BC07"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-upc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "D2D27E22-9CCF-43CB-BBBB-4AFDC7201E1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-upc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9E4CEB9-6C20-4071-9DAF-6D0DAA1FD1A4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n1008-unpc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "D1F63759-80FE-4A56-8AE3-0F9B99112598"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n1008-unpc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8B2388-7F07-4921-A87E-09D3B705A429"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-upc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "73.9.0.18-r2",
"matchCriteriaId": "9E9E50A7-9795-4619-8C56-C1DB481E7706"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-upc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5B49E7A8-3823-4BFE-9BC1-86BA575C85AC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5016-pe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "2EE2DD36-C16F-4308-80B2-829FEA43CF5D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5016-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98BCC15F-0126-436B-AD93-5485B0049051"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n5008-pe_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "75.9.0.18-r2",
"matchCriteriaId": "05601450-3A08-4326-8884-03A93468FBA3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n5008-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B3BF03A-B2AD-40E9-8287-0A4BC78358FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7016-uph_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "C3A443C3-3520-4B85-AE5C-4230F4BF9067"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7016-uph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4781C7D-E014-4773-8066-2DC6564557DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7032-uph_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "3281A9A5-5838-4B16-8205-14FD64FB9E96"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7032-uph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A74207F3-9EEE-491D-AFDA-127A107DC40D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-n7048-uph_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "71.9.0.18-r2",
"matchCriteriaId": "A77B9D2B-A8F5-4B4A-9D02-73F3E41AB0C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ms-n7048-uph:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4B94E3-80EF-4A72-8069-15EAB4644D4C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-nxxxx-xxg_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "77.9.0.18-r2",
"matchCriteriaId": "1AD1E452-B123-4287-BF44-F6D241F10188"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ms-nxxxx-xxt_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "72.9.0.18-r2",
"matchCriteriaId": "450E1C0E-B7D9-4913-B71B-8EBAB904BFA6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0121",
"source": "vdisclose@cert-in.org.in",
"tags": [
"Third Party Advisory"
]
}
]
}

179
CVE-2023/CVE-2023-305xx/CVE-2023-30549.json Normal file
View File

@ -0,0 +1,179 @@
{
"id": "CVE-2023-30549",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-25T21:15:10.767",
"lastModified": "2023-05-05T16:43:37.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0, installations that include apptainer-suid < 1.1.8, and all versions of Singularity in their default configurations on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation.\n\nApptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid \"rootless\" mode using fuse2fs.\n\nSome workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf (or singularity.conf for singularity versions). This requires having unprivileged user namespaces enabled and except for apptainer 1.1.x versions will disallow mounting of sif files, extfs files, and squashfs files in addition to other, less significant impacts. (Encrypted sif files are also not supported unprivileged in apptainer 1.1.x.). Alternatively, use the `limit containers` options in apptainer.conf/singularity.conf to limit sif files to trusted users, groups, and/or paths, and set `allow container extfs = no` to disallow mounting of extfs overlay files. The latter option by itself does not disallow mounting of extfs overlay partitions inside SIF files, so that's why the former options are also needed."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lfprojects:apptainer:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.1.8",
"matchCriteriaId": "DE6873C2-2BED-4420-B34A-0D4621743ED0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sylabs:singularity:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E717102A-7916-4153-A201-B868E3235ED4"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/cve-2022-1184",
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/apptainer/apptainer/commit/5a4964f5ba9c8d89a0e353b97f51fd607670a9f7",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/apptainer/apptainer/releases/tag/v1.1.8",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/apptainer/apptainer/security/advisories/GHSA-j4rf-7357-f4cg",
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2022-1184",
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://ubuntu.com/security/CVE-2022-1184",
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.suse.com/security/cve/CVE-2022-1184.html",
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
]
}
]
}

70
CVE-2023/CVE-2023-308xx/CVE-2023-30848.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30848",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-27T16:15:11.273",
"lastModified": "2023-04-27T16:26:09.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T16:53:10.463",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/pimcore/pimcore/commit/25ad8674886f2b938243cbe13e33e204a2e35cc3.patch",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/pimcore/pimcore/pull/14972",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-6mhm-gcpf-5gr8",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.21",
"matchCriteriaId": "72C537D6-67BA-4562-B853-F99E6C14315C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/25ad8674886f2b938243cbe13e33e204a2e35cc3.patch",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pimcore/pimcore/pull/14972",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-6mhm-gcpf-5gr8",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-308xx/CVE-2023-30849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30849",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-27T16:15:11.330",
"lastModified": "2023-04-27T16:26:09.020",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:01:26.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/pimcore/pimcore/commit/c6c80905e58c7724c776f980570a56df7016c6d1.patch",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/pimcore/pimcore/pull/14968",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-xmg8-w465-mr56",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.21",
"matchCriteriaId": "72C537D6-67BA-4562-B853-F99E6C14315C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/c6c80905e58c7724c776f980570a56df7016c6d1.patch",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pimcore/pimcore/pull/14968",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-xmg8-w465-mr56",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-312xx/CVE-2023-31286.json Normal file
View File

@ -0,0 +1,83 @@
{
"id": "CVE-2023-31286",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-27T03:15:10.160",
"lastModified": "2023-05-05T16:03:42.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. When a password reset request occurs, the server response leaks the existence of users. If one tries to reset a password of a non-existent user, an error message indicates that this user does not exist."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:serenity:serene:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.0",
"matchCriteriaId": "620456E1-A567-43A2-8B5C-E1F73AB94895"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:serenity:startsharp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.0",
"matchCriteriaId": "C91CF539-3B1C-4A7F-8C64-2606F24BB5CF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-314xx/CVE-2023-31436.json
View File

@ -2,27 +2,91 @@
"id": "CVE-2023-31436",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T02:15:09.007",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T17:24:37.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
{
"url": "https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d",
"source": "cve@mitre.org"
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://www.spinics.net/lists/stable-commits/msg294885.html",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.13",
"matchCriteriaId": "EA8B36B5-B3EC-431B-B425-1847BE9C994F"
}
]
}
]
}
],
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.13",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://github.com/torvalds/linux/commit/3037933448f60f9acb705997eae62013ecb81e0d",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://www.spinics.net/lists/stable-commits/msg294885.html",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

24
CVE-2023/CVE-2023-322xx/CVE-2023-32269.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32269",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T17:15:09.623",
"lastModified": "2023-05-05T17:15:09.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability."
}
],
"metrics": {},
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.11",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/torvalds/linux/commit/611792920925fb088ddccbe2783c7f92fdfb6b64",
"source": "cve@mitre.org"
}
]
}

83
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-05T16:00:24.497596+00:00
2023-05-05T18:00:24.352498+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-05T15:55:21.747000+00:00
2023-05-05T17:57:32.067000+00:00
```
### Last Data Feed Release
@ -29,53 +29,58 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214158
214161
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `3`
* [CVE-2022-38707](CVE-2022/CVE-2022-387xx/CVE-2022-38707.json) (`2023-05-05T14:15:09.057`)
* [CVE-2022-43919](CVE-2022/CVE-2022-439xx/CVE-2022-43919.json) (`2023-05-05T15:15:09.480`)
* [CVE-2023-22874](CVE-2023/CVE-2023-228xx/CVE-2023-22874.json) (`2023-05-05T15:15:09.567`)
* [CVE-2023-29932](CVE-2023/CVE-2023-299xx/CVE-2023-29932.json) (`2023-05-05T15:15:09.633`)
* [CVE-2023-29933](CVE-2023/CVE-2023-299xx/CVE-2023-29933.json) (`2023-05-05T15:15:09.683`)
* [CVE-2023-29934](CVE-2023/CVE-2023-299xx/CVE-2023-29934.json) (`2023-05-05T15:15:09.733`)
* [CVE-2023-29935](CVE-2023/CVE-2023-299xx/CVE-2023-29935.json) (`2023-05-05T15:15:09.783`)
* [CVE-2023-29939](CVE-2023/CVE-2023-299xx/CVE-2023-29939.json) (`2023-05-05T15:15:09.850`)
* [CVE-2023-29941](CVE-2023/CVE-2023-299xx/CVE-2023-29941.json) (`2023-05-05T15:15:09.917`)
* [CVE-2023-29942](CVE-2023/CVE-2023-299xx/CVE-2023-29942.json) (`2023-05-05T15:15:09.970`)
* [CVE-2023-30013](CVE-2023/CVE-2023-300xx/CVE-2023-30013.json) (`2023-05-05T14:15:09.147`)
* [CVE-2023-30053](CVE-2023/CVE-2023-300xx/CVE-2023-30053.json) (`2023-05-05T15:15:10.020`)
* [CVE-2023-30054](CVE-2023/CVE-2023-300xx/CVE-2023-30054.json) (`2023-05-05T15:15:10.070`)
* [CVE-2023-30243](CVE-2023/CVE-2023-302xx/CVE-2023-30243.json) (`2023-05-05T14:15:09.190`)
* [CVE-2023-30434](CVE-2023/CVE-2023-304xx/CVE-2023-30434.json) (`2023-05-05T15:15:10.117`)
* [CVE-2023-26285](CVE-2023/CVE-2023-262xx/CVE-2023-26285.json) (`2023-05-05T16:15:09.300`)
* [CVE-2023-29659](CVE-2023/CVE-2023-296xx/CVE-2023-29659.json) (`2023-05-05T16:15:09.387`)
* [CVE-2023-32269](CVE-2023/CVE-2023-322xx/CVE-2023-32269.json) (`2023-05-05T17:15:09.623`)
### CVEs modified in the last Commit
Recently modified CVEs: `19`
Recently modified CVEs: `36`
* [CVE-2020-36070](CVE-2020/CVE-2020-360xx/CVE-2020-36070.json) (`2023-05-05T15:21:50.040`)
* [CVE-2022-45456](CVE-2022/CVE-2022-454xx/CVE-2022-45456.json) (`2023-05-05T15:50:41.277`)
* [CVE-2023-0045](CVE-2023/CVE-2023-00xx/CVE-2023-0045.json) (`2023-05-05T15:54:54.760`)
* [CVE-2023-2269](CVE-2023/CVE-2023-22xx/CVE-2023-2269.json) (`2023-05-05T14:04:37.237`)
* [CVE-2023-2291](CVE-2023/CVE-2023-22xx/CVE-2023-2291.json) (`2023-05-05T14:35:51.847`)
* [CVE-2023-26567](CVE-2023/CVE-2023-265xx/CVE-2023-26567.json) (`2023-05-05T15:10:19.097`)
* [CVE-2023-28472](CVE-2023/CVE-2023-284xx/CVE-2023-28472.json) (`2023-05-05T14:51:21.107`)
* [CVE-2023-28473](CVE-2023/CVE-2023-284xx/CVE-2023-28473.json) (`2023-05-05T15:13:54.867`)
* [CVE-2023-28474](CVE-2023/CVE-2023-284xx/CVE-2023-28474.json) (`2023-05-05T14:25:33.800`)
* [CVE-2023-28475](CVE-2023/CVE-2023-284xx/CVE-2023-28475.json) (`2023-05-05T14:25:46.357`)
* [CVE-2023-28476](CVE-2023/CVE-2023-284xx/CVE-2023-28476.json) (`2023-05-05T14:25:10.817`)
* [CVE-2023-28477](CVE-2023/CVE-2023-284xx/CVE-2023-28477.json) (`2023-05-05T14:15:19.653`)
* [CVE-2023-28528](CVE-2023/CVE-2023-285xx/CVE-2023-28528.json) (`2023-05-05T15:19:10.797`)
* [CVE-2023-28819](CVE-2023/CVE-2023-288xx/CVE-2023-28819.json) (`2023-05-05T14:14:24.943`)
* [CVE-2023-30363](CVE-2023/CVE-2023-303xx/CVE-2023-30363.json) (`2023-05-05T14:41:38.840`)
* [CVE-2023-30843](CVE-2023/CVE-2023-308xx/CVE-2023-30843.json) (`2023-05-05T14:45:53.007`)
* [CVE-2023-31250](CVE-2023/CVE-2023-312xx/CVE-2023-31250.json) (`2023-05-05T15:27:27.100`)
* [CVE-2023-31285](CVE-2023/CVE-2023-312xx/CVE-2023-31285.json) (`2023-05-05T15:21:50.697`)
* [CVE-2023-31287](CVE-2023/CVE-2023-312xx/CVE-2023-31287.json) (`2023-05-05T15:55:21.747`)
* [CVE-2012-5872](CVE-2012/CVE-2012-58xx/CVE-2012-5872.json) (`2023-05-05T17:29:16.587`)
* [CVE-2020-4729](CVE-2020/CVE-2020-47xx/CVE-2020-4729.json) (`2023-05-05T17:22:10.933`)
* [CVE-2020-8597](CVE-2020/CVE-2020-85xx/CVE-2020-8597.json) (`2023-05-05T17:48:17.840`)
* [CVE-2021-27452](CVE-2021/CVE-2021-274xx/CVE-2021-27452.json) (`2023-05-05T17:00:28.207`)
* [CVE-2022-0108](CVE-2022/CVE-2022-01xx/CVE-2022-0108.json) (`2023-05-05T17:15:09.343`)
* [CVE-2022-43919](CVE-2022/CVE-2022-439xx/CVE-2022-43919.json) (`2023-05-05T16:27:24.373`)
* [CVE-2022-48481](CVE-2022/CVE-2022-484xx/CVE-2022-48481.json) (`2023-05-05T17:26:17.873`)
* [CVE-2023-1967](CVE-2023/CVE-2023-19xx/CVE-2023-1967.json) (`2023-05-05T17:14:43.903`)
* [CVE-2023-22665](CVE-2023/CVE-2023-226xx/CVE-2023-22665.json) (`2023-05-05T17:15:38.370`)
* [CVE-2023-22874](CVE-2023/CVE-2023-228xx/CVE-2023-22874.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-2322](CVE-2023/CVE-2023-23xx/CVE-2023-2322.json) (`2023-05-05T16:07:09.430`)
* [CVE-2023-2323](CVE-2023/CVE-2023-23xx/CVE-2023-2323.json) (`2023-05-05T16:05:58.873`)
* [CVE-2023-2356](CVE-2023/CVE-2023-23xx/CVE-2023-2356.json) (`2023-05-05T17:17:38.893`)
* [CVE-2023-2360](CVE-2023/CVE-2023-23xx/CVE-2023-2360.json) (`2023-05-05T17:54:49.673`)
* [CVE-2023-25358](CVE-2023/CVE-2023-253xx/CVE-2023-25358.json) (`2023-05-05T17:15:09.463`)
* [CVE-2023-27556](CVE-2023/CVE-2023-275xx/CVE-2023-27556.json) (`2023-05-05T17:20:33.150`)
* [CVE-2023-27557](CVE-2023/CVE-2023-275xx/CVE-2023-27557.json) (`2023-05-05T17:22:40.030`)
* [CVE-2023-28205](CVE-2023/CVE-2023-282xx/CVE-2023-28205.json) (`2023-05-05T17:15:09.547`)
* [CVE-2023-29932](CVE-2023/CVE-2023-299xx/CVE-2023-29932.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-29933](CVE-2023/CVE-2023-299xx/CVE-2023-29933.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-29934](CVE-2023/CVE-2023-299xx/CVE-2023-29934.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-29935](CVE-2023/CVE-2023-299xx/CVE-2023-29935.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-29939](CVE-2023/CVE-2023-299xx/CVE-2023-29939.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-29941](CVE-2023/CVE-2023-299xx/CVE-2023-29941.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-29942](CVE-2023/CVE-2023-299xx/CVE-2023-29942.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-30053](CVE-2023/CVE-2023-300xx/CVE-2023-30053.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-30054](CVE-2023/CVE-2023-300xx/CVE-2023-30054.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-30380](CVE-2023/CVE-2023-303xx/CVE-2023-30380.json) (`2023-05-05T17:16:16.607`)
* [CVE-2023-30434](CVE-2023/CVE-2023-304xx/CVE-2023-30434.json) (`2023-05-05T16:27:24.373`)
* [CVE-2023-30466](CVE-2023/CVE-2023-304xx/CVE-2023-30466.json) (`2023-05-05T17:27:07.267`)
* [CVE-2023-30467](CVE-2023/CVE-2023-304xx/CVE-2023-30467.json) (`2023-05-05T17:57:32.067`)
* [CVE-2023-30549](CVE-2023/CVE-2023-305xx/CVE-2023-30549.json) (`2023-05-05T16:43:37.560`)
* [CVE-2023-30848](CVE-2023/CVE-2023-308xx/CVE-2023-30848.json) (`2023-05-05T16:53:10.463`)
* [CVE-2023-30849](CVE-2023/CVE-2023-308xx/CVE-2023-30849.json) (`2023-05-05T17:01:26.523`)
* [CVE-2023-31286](CVE-2023/CVE-2023-312xx/CVE-2023-31286.json) (`2023-05-05T16:03:42.800`)
* [CVE-2023-31436](CVE-2023/CVE-2023-314xx/CVE-2023-31436.json) (`2023-05-05T17:24:37.710`)
## Download and Usage