admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-11T16:00:24.405603+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-11 18:00:27 +02:00
parent ed67c64d50
commit 1380fd1ea0
41 changed files with 1628 additions and 219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
CVE-2019/CVE-2019-156xx/CVE-2019-15613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-15613",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-02-04T20:15:11.870",
"lastModified": "2020-02-16T01:15:11.493",
"vulnStatus": "Modified",
"lastModified": "2023-05-11T14:00:47.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -94,23 +94,38 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:server:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0.14",
"matchCriteriaId": "F2ABFF6C-84AD-478E-AFAA-B02D7D219DBA"
"matchCriteriaId": "69BE13A7-612F-4C06-B9DD-D5CADE0E89BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:server:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.7",
"matchCriteriaId": "0932B363-A30E-40DA-9A71-2CE819214805"
"matchCriteriaId": "69BAB965-AE57-4674-BF4E-484F779DE1E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.8",
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0.0",
"versionEndExcluding": "17.0.2",
"matchCriteriaId": "316F0CA1-625A-4F70-92A6-56034138C1BB"
"matchCriteriaId": "4DA73A56-619E-44C9-858A-23DD0EC7730C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*",
"matchCriteriaId": "C84D9410-31B7-421A-AD99-8ED2E45A9BC6"
}
]
}
@ -120,17 +135,25 @@
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00019.html",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00022.html",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://hackerone.com/reports/697959",
"source": "support@hackerone.com",
"tags": [
"Permissions Required",
"Patch",
"Third Party Advisory"
]
},
@ -138,6 +161,7 @@
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2020-002",
"source": "support@hackerone.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}

8
CVE-2020/CVE-2020-81xx/CVE-2020-8120.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8120",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-02-04T20:15:14.150",
"lastModified": "2020-02-06T19:29:19.487",
"lastModified": "2023-05-11T14:00:35.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -94,9 +94,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud:*:*:*:*:*:android:*:*",
"versionEndExcluding": "3.6.1",
"matchCriteriaId": "94F82520-15B7-411E-B67B-BFB00926B278"
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:16.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED6EF62-178C-480F-911B-0F06888F5264"
}
]
}
@ -116,6 +115,7 @@
"url": "https://nextcloud.com/security/advisory/?id=NC-SA-2019-004",
"source": "support@hackerone.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}

55
CVE-2021/CVE-2021-403xx/CVE-2021-40331.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2021-40331",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-05T08:15:08.683",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:14:20.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the ownership of the table in Hive when Apache Ranger Hive Plugin is enabled\nThis issue affects Apache Ranger Hive Plugin: from 2.0.0 through 2.3.0. Users are recommended to upgrade to version 2.4.0 or later.\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,10 +46,34 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:ranger:*:*:*:*:*:hive:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.3.0",
"matchCriteriaId": "A08606DA-FA38-4BC1-96D0-18BCCD0FDC96"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/s68yls6cnkdmzn1k4hqt50vs6wjvt2rn",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2022/CVE-2022-31xx/CVE-2022-3162.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3162",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-03-01T19:15:25.457",
"lastModified": "2023-03-09T00:57:55.853",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:09.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -131,6 +131,10 @@
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0004/",
"source": "jordan@liggitt.net"
}
]
}

65
CVE-2022/CVE-2022-387xx/CVE-2022-38707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-38707",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T14:15:09.057",
"lastModified": "2023-05-05T14:46:16.617",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:17:11.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,51 @@
"value": "CWE-613"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA2D482-F396-4704-ACBA-E81720686DDB"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/234179",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6983274",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

76
CVE-2022/CVE-2022-439xx/CVE-2022-43919.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43919",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:09.480",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:37:10.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndExcluding": "9.2.0.10",
"matchCriteriaId": "22521C23-0288-4CB2-A3D8-56A74E5F0A44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:*:*:*:*:continuous_delivery:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndExcluding": "9.2.5.7",
"matchCriteriaId": "DB192E66-8746-4427-BE26-785B38033C6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.3.0.0",
"versionEndExcluding": "9.3.0.5",
"matchCriteriaId": "A4A3D1FD-689E-44DF-ADAF-7C153139B728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:*:*:*:*:continuous_delivery:*:*:*",
"versionStartIncluding": "9.3.0.0",
"versionEndExcluding": "9.3.2",
"matchCriteriaId": "00137C33-0B2B-4512-84D0-50C53A225BA1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/241354",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6986559",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

46
CVE-2022/CVE-2022-450xx/CVE-2022-45048.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45048",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-05T08:15:09.080",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:26:43.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,10 +66,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:ranger:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B75BB8F4-2B1E-4CD8-87B4-D07BA2239491"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/6rpzwy1smdhr60tsh1ydknn3kdm45bb6",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

24
CVE-2022/CVE-2022-471xx/CVE-2022-47129.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-47129",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-11T14:15:19.623",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/Omoredream/43f60004665e9d9d8c71f7e976261387",
"source": "cve@mitre.org"
},
{
"url": "https://www.yuque.com/g/alipayyz9csdbcdz/zytgq2/vz8ktghkcgvhsdzn/collaborator/join?token=R5phxzuV3w99ndZD",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-01xx/CVE-2023-0179.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0179",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-27T22:15:20.963",
"lastModified": "2023-04-07T12:42:04.097",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:09.643",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -286,6 +286,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0003/",
"source": "secalert@redhat.com"
}
]
}

6
CVE-2023/CVE-2023-10xx/CVE-2023-1077.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1077",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-27T21:15:10.467",
"lastModified": "2023-05-03T01:15:10.980",
"lastModified": "2023-05-11T15:15:09.787",
"vulnStatus": "Modified",
"descriptions": [
{
@ -85,6 +85,10 @@
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0002/",
"source": "secalert@redhat.com"
}
]
}

8
CVE-2023/CVE-2023-13xx/CVE-2023-1380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1380",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-27T21:15:10.623",
"lastModified": "2023-04-03T18:42:43.470",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:09.923",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,6 +112,10 @@
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0001/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/03/14/1",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-15xx/CVE-2023-1544.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1544",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-03-23T20:15:14.497",
"lastModified": "2023-04-07T12:46:19.257",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:10.033",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0005/",
"source": "patrick@puiterwijk.org"
}
]
}

8
CVE-2023/CVE-2023-15xx/CVE-2023-1550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1550",
"sourceIdentifier": "f5sirt@f5.com",
"published": "2023-03-29T17:15:07.107",
"lastModified": "2023-04-05T12:59:01.867",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:10.163",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -79,6 +79,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0008/",
"source": "f5sirt@f5.com"
}
]
}

8
CVE-2023/CVE-2023-15xx/CVE-2023-1579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1579",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-03T23:15:07.043",
"lastModified": "2023-04-20T14:41:25.200",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:10.333",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -74,6 +74,10 @@
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0009/",
"source": "secalert@redhat.com"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29988",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-16xx/CVE-2023-1652.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1652",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-03-29T21:15:07.997",
"lastModified": "2023-04-07T13:38:40.157",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:10.477",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -118,6 +118,10 @@
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0006/",
"source": "secalert@redhat.com"
}
]
}

55
CVE-2023/CVE-2023-227xx/CVE-2023-22720.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22720",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-11T15:15:10.613",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Robert Macchi WP Links Page plugin <=\u00a04.9.3 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-links-page/wordpress-wp-links-page-plugin-4-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

74
CVE-2023/CVE-2023-228xx/CVE-2023-22874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22874",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:09.567",
"lastModified": "2023-05-05T16:27:24.373",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:39:04.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,60 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:*:*:*:*:continuous_delivery:*:*:*",
"versionStartIncluding": "9.2.0.0",
"versionEndExcluding": "9.3.2",
"matchCriteriaId": "0AFDD8D0-D4FB-4F57-B70F-C75D617CFD4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:mq_appliance:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "9.3.0.0",
"versionEndExcluding": "9.3.0.5",
"matchCriteriaId": "A4A3D1FD-689E-44DF-ADAF-7C153139B728"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244216",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6985901",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

16
CVE-2023/CVE-2023-259xx/CVE-2023-25930.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25930",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T18:15:26.163",
"lastModified": "2023-05-09T13:49:10.693",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:10.743",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -230,6 +230,10 @@
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
}
]
}

57
CVE-2023/CVE-2023-25xx/CVE-2023-2554.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2554",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-05T20:15:10.877",
"lastModified": "2023-05-08T02:37:52.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T15:03:55.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bumsys_project:bumsys:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.0",
"matchCriteriaId": "BFF79BFE-5BE2-4217-83F1-5ADC5D475D55"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/unilogies/bumsys/commit/1b426f58a513194206d0ea8ab58baf1461e54978",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/396785a0-7bb6-4db4-b4cb-607b0fd4ab4b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

16
CVE-2023/CVE-2023-260xx/CVE-2023-26021.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26021",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T19:15:16.713",
"lastModified": "2023-05-08T20:38:54.350",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:10.957",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -163,6 +163,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6985681",
"source": "psirt@us.ibm.com",

16
CVE-2023/CVE-2023-260xx/CVE-2023-26022.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26022",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T19:15:16.787",
"lastModified": "2023-05-08T20:41:20.463",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:11.097",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -223,6 +223,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6985669",
"source": "psirt@us.ibm.com",

88
CVE-2023/CVE-2023-26xx/CVE-2023-2657.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2657",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T14:15:20.217",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument search leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228799."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#1xss-vulnerability-in-productsphp",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.228799",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228799",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-26xx/CVE-2023-2658.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2658",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T14:15:20.653",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228800."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#2sql-injection-vulnerability-in-productsphp",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.228800",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228800",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-26xx/CVE-2023-2659.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2659",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T15:15:11.730",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file view_product.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228801 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#3sql-injection-vulnerability-in-view_productphp",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.228801",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228801",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-26xx/CVE-2023-2660.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2660",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T15:15:11.830",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file view_categories.php. The manipulation of the argument c leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228802 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#4sql-injection-vulnerability-in-view_categoriesphp",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.228802",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228802",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-26xx/CVE-2023-2661.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2661",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-11T15:15:11.917",
"lastModified": "2023-05-11T15:19:56.683",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228803."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#5sql-injection-vulnerability-in-classesmasterphp",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.228803",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228803",
"source": "cna@vuldb.com"
}
]
}

16
CVE-2023/CVE-2023-275xx/CVE-2023-27555.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27555",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T18:15:26.250",
"lastModified": "2023-05-09T14:07:33.137",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:11.210",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -223,6 +223,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6985683",
"source": "psirt@us.ibm.com",

16
CVE-2023/CVE-2023-275xx/CVE-2023-27559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27559",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-26T20:15:09.900",
"lastModified": "2023-05-05T19:40:43.037",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:11.347",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -230,6 +230,10 @@
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-280xx/CVE-2023-28068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28068",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-05-05T07:15:08.887",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:50:46.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:command_\\|_monitor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.9",
"matchCriteriaId": "E415E304-502A-4889-AAE1-9AB900F8BB40"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000212226/dsa-2023-133",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

16
CVE-2023/CVE-2023-292xx/CVE-2023-29255.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29255",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-27T13:15:09.053",
"lastModified": "2023-05-04T20:06:43.167",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:11.510",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}
@ -223,6 +223,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6985687",
"source": "psirt@us.ibm.com",

8
CVE-2023/CVE-2023-292xx/CVE-2023-29257.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29257",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-26T13:15:08.853",
"lastModified": "2023-05-04T19:39:08.163",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-11T15:15:11.630",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -213,6 +213,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0010/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6985691",
"source": "psirt@us.ibm.com",

63
CVE-2023/CVE-2023-300xx/CVE-2023-30090.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-30090",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T03:15:08.767",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:21:13.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMS_Upfile.php. This vulnerability allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sem-cms:semcms:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B2F972-D85A-4430-996A-31B9371E53EF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xlccccc/vuln/tree/master/Semcms",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

63
CVE-2023/CVE-2023-301xx/CVE-2023-30122.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-30122",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T02:15:08.753",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:35:41.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /admin/ajax.php?action=save_menu of Online Food Ordering System v2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_food_ordering_system_project:online_food_ordering_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEEB043-764B-4A7C-B6BB-E5B2A2E74141"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xtxxueyan/bug_report/blob/main/vendors/onetnom23/online-food-ordering-system-v2/RCE-1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

76
CVE-2023/CVE-2023-301xx/CVE-2023-30135.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-30135",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T02:15:08.813",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:31:18.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via the deviceName parameter in the setUsbUnload function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac18_firmware:15.03.05.19\\(6318\\)_cn:*:*:*:*:*:*:*",
"matchCriteriaId": "9AA6A0CA-46AB-4C6F-B4F8-8F3A4D9A71F5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9F8AF9-F921-4348-922B-EE5E6037E7AC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/DrizzlingSun/Tenda/blob/main/AC18/8/8.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
}
]
}

73
CVE-2023/CVE-2023-302xx/CVE-2023-30242.json
View File

@ -2,27 +2,88 @@
"id": "CVE-2023-30242",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T12:15:09.093",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T15:10:27.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netentsec:application_security_gateway:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A708923-EF5F-4F53-86F3-DF0366E6FB58"
}
]
}
]
}
],
"references": [
{
"url": "http://ns-asg.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://gist.github.com/nsvizp/ccbc51253a47d79d2bc1ea72e01bdaf6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.netentsec.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

68
CVE-2023/CVE-2023-302xx/CVE-2023-30243.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-30243",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T14:15:09.190",
"lastModified": "2023-05-05T14:46:16.617",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:27:54.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netentsec:application_security_gateway:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7A708923-EF5F-4F53-86F3-DF0366E6FB58"
}
]
}
]
}
],
"references": [
{
"url": "http://ns-asg.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.netentsec.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

64
CVE-2023/CVE-2023-302xx/CVE-2023-30282.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-30282",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T22:15:09.177",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T15:03:10.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "PrestaShop scexportcustomers <= 3.6.1 is vulnerable to Incorrect Access Control. Due to a lack of permissions' control, a guest can access exports from the module which can lead to leak of personal information from customer table."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prestashop:scexportcustomers:*:*:*:*:*:prestashop:*:*",
"versionEndIncluding": "3.6.1",
"matchCriteriaId": "FEDA1D30-6C51-457C-979A-8B7D9A61E006"
}
]
}
]
}
],
"references": [
{
"url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/02/scexportcustomers.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-304xx/CVE-2023-30456.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30456",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-10T02:15:06.853",
"lastModified": "2023-05-03T14:15:34.530",
"lastModified": "2023-05-11T15:15:12.000",
"vulnStatus": "Modified",
"descriptions": [
{
@ -96,6 +96,10 @@
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"source": "cve@mitre.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230511-0007/",
"source": "cve@mitre.org"
}
]
}

62
CVE-2023/CVE-2023-306xx/CVE-2023-30624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30624",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-27T17:15:08.737",
"lastModified": "2023-04-27T18:35:34.590",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T15:01:12.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bytecodealliance:wasmtime:*:*:*:*:*:rust:*:*",
"versionEndExcluding": "6.0.2",
"matchCriteriaId": "EB4A034B-F7EC-4002-8C5F-0E4176D4CC10"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bytecodealliance:wasmtime:7.0.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "80F1E946-639F-4878-A2EF-0D0A52B30623"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bytecodealliance:wasmtime:8.0.0:*:*:*:*:rust:*:*",
"matchCriteriaId": "1AA99C22-6A08-4CDB-AAA2-7498C0DC2EC0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bytecodealliance/wasmtime/commit/0977952dcd9d482bff7c288868ccb52769b3a92e",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ch89-5g45-qwc7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-322xx/CVE-2023-32235.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-32235",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T05:15:09.293",
"lastModified": "2023-05-05T13:33:53.507",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-11T14:19:32.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ghost:ghost:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "5.42.1",
"matchCriteriaId": "94A4053D-FF36-4B2A-937B-A94C8DEF67AD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

130
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-11T14:00:23.933026+00:00
2023-05-11T16:00:24.405603+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-11T13:56:23.657000+00:00
2023-05-11T15:19:56.683000+00:00
```
### Last Data Feed Release
@ -29,99 +29,59 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214906
214913
```
### CVEs added in the last Commit
Recently added CVEs: `13`
Recently added CVEs: `7`
* [CVE-2021-34076](CVE-2021/CVE-2021-340xx/CVE-2021-34076.json) (`2023-05-11T12:15:09.070`)
* [CVE-2023-0851](CVE-2023/CVE-2023-08xx/CVE-2023-0851.json) (`2023-05-11T13:15:11.437`)
* [CVE-2023-0852](CVE-2023/CVE-2023-08xx/CVE-2023-0852.json) (`2023-05-11T13:15:11.727`)
* [CVE-2023-0853](CVE-2023/CVE-2023-08xx/CVE-2023-0853.json) (`2023-05-11T13:15:11.960`)
* [CVE-2023-0854](CVE-2023/CVE-2023-08xx/CVE-2023-0854.json) (`2023-05-11T13:15:12.207`)
* [CVE-2023-0855](CVE-2023/CVE-2023-08xx/CVE-2023-0855.json) (`2023-05-11T13:15:12.487`)
* [CVE-2023-0856](CVE-2023/CVE-2023-08xx/CVE-2023-0856.json) (`2023-05-11T13:15:12.713`)
* [CVE-2023-0857](CVE-2023/CVE-2023-08xx/CVE-2023-0857.json) (`2023-05-11T13:15:12.937`)
* [CVE-2023-0858](CVE-2023/CVE-2023-08xx/CVE-2023-0858.json) (`2023-05-11T13:15:13.177`)
* [CVE-2023-0859](CVE-2023/CVE-2023-08xx/CVE-2023-0859.json) (`2023-05-11T13:15:13.427`)
* [CVE-2023-2656](CVE-2023/CVE-2023-26xx/CVE-2023-2656.json) (`2023-05-11T13:15:13.850`)
* [CVE-2023-29863](CVE-2023/CVE-2023-298xx/CVE-2023-29863.json) (`2023-05-11T13:15:13.670`)
* [CVE-2023-31445](CVE-2023/CVE-2023-314xx/CVE-2023-31445.json) (`2023-05-11T12:15:09.450`)
* [CVE-2022-47129](CVE-2022/CVE-2022-471xx/CVE-2022-47129.json) (`2023-05-11T14:15:19.623`)
* [CVE-2023-22720](CVE-2023/CVE-2023-227xx/CVE-2023-22720.json) (`2023-05-11T15:15:10.613`)
* [CVE-2023-2657](CVE-2023/CVE-2023-26xx/CVE-2023-2657.json) (`2023-05-11T14:15:20.217`)
* [CVE-2023-2658](CVE-2023/CVE-2023-26xx/CVE-2023-2658.json) (`2023-05-11T14:15:20.653`)
* [CVE-2023-2659](CVE-2023/CVE-2023-26xx/CVE-2023-2659.json) (`2023-05-11T15:15:11.730`)
* [CVE-2023-2660](CVE-2023/CVE-2023-26xx/CVE-2023-2660.json) (`2023-05-11T15:15:11.830`)
* [CVE-2023-2661](CVE-2023/CVE-2023-26xx/CVE-2023-2661.json) (`2023-05-11T15:15:11.917`)
### CVEs modified in the last Commit
Recently modified CVEs: `67`
Recently modified CVEs: `33`
* [CVE-2021-45345](CVE-2021/CVE-2021-453xx/CVE-2021-45345.json) (`2023-05-11T13:36:34.880`)
* [CVE-2022-29840](CVE-2022/CVE-2022-298xx/CVE-2022-29840.json) (`2023-05-11T13:36:25.773`)
* [CVE-2022-29841](CVE-2022/CVE-2022-298xx/CVE-2022-29841.json) (`2023-05-11T13:36:25.773`)
* [CVE-2022-29842](CVE-2022/CVE-2022-298xx/CVE-2022-29842.json) (`2023-05-11T13:36:25.773`)
* [CVE-2022-36329](CVE-2022/CVE-2022-363xx/CVE-2022-36329.json) (`2023-05-11T13:36:30.643`)
* [CVE-2022-36937](CVE-2022/CVE-2022-369xx/CVE-2022-36937.json) (`2023-05-11T13:36:34.880`)
* [CVE-2023-0007](CVE-2023/CVE-2023-00xx/CVE-2023-0007.json) (`2023-05-11T13:36:34.880`)
* [CVE-2023-0008](CVE-2023/CVE-2023-00xx/CVE-2023-0008.json) (`2023-05-11T13:36:34.880`)
* [CVE-2023-1894](CVE-2023/CVE-2023-18xx/CVE-2023-1894.json) (`2023-05-11T12:57:58.803`)
* [CVE-2023-21494](CVE-2023/CVE-2023-214xx/CVE-2023-21494.json) (`2023-05-11T12:26:38.427`)
* [CVE-2023-21496](CVE-2023/CVE-2023-214xx/CVE-2023-21496.json) (`2023-05-11T12:37:31.380`)
* [CVE-2023-21497](CVE-2023/CVE-2023-214xx/CVE-2023-21497.json) (`2023-05-11T13:03:12.340`)
* [CVE-2023-21498](CVE-2023/CVE-2023-214xx/CVE-2023-21498.json) (`2023-05-11T13:07:31.667`)
* [CVE-2023-21500](CVE-2023/CVE-2023-215xx/CVE-2023-21500.json) (`2023-05-11T13:20:37.727`)
* [CVE-2023-2310](CVE-2023/CVE-2023-23xx/CVE-2023-2310.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-2490](CVE-2023/CVE-2023-24xx/CVE-2023-2490.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-2522](CVE-2023/CVE-2023-25xx/CVE-2023-2522.json) (`2023-05-11T13:19:18.650`)
* [CVE-2023-2573](CVE-2023/CVE-2023-25xx/CVE-2023-2573.json) (`2023-05-11T12:15:09.147`)
* [CVE-2023-2574](CVE-2023/CVE-2023-25xx/CVE-2023-2574.json) (`2023-05-11T12:15:09.267`)
* [CVE-2023-2575](CVE-2023/CVE-2023-25xx/CVE-2023-2575.json) (`2023-05-11T12:15:09.357`)
* [CVE-2023-2641](CVE-2023/CVE-2023-26xx/CVE-2023-2641.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2642](CVE-2023/CVE-2023-26xx/CVE-2023-2642.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2643](CVE-2023/CVE-2023-26xx/CVE-2023-2643.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2644](CVE-2023/CVE-2023-26xx/CVE-2023-2644.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2645](CVE-2023/CVE-2023-26xx/CVE-2023-2645.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2646](CVE-2023/CVE-2023-26xx/CVE-2023-2646.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2647](CVE-2023/CVE-2023-26xx/CVE-2023-2647.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2648](CVE-2023/CVE-2023-26xx/CVE-2023-2648.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2649](CVE-2023/CVE-2023-26xx/CVE-2023-2649.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-2652](CVE-2023/CVE-2023-26xx/CVE-2023-2652.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-2653](CVE-2023/CVE-2023-26xx/CVE-2023-2653.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-29986](CVE-2023/CVE-2023-299xx/CVE-2023-29986.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-30172](CVE-2023/CVE-2023-301xx/CVE-2023-30172.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-30194](CVE-2023/CVE-2023-301xx/CVE-2023-30194.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-30216](CVE-2023/CVE-2023-302xx/CVE-2023-30216.json) (`2023-05-11T13:48:53.873`)
* [CVE-2023-30256](CVE-2023/CVE-2023-302xx/CVE-2023-30256.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-31148](CVE-2023/CVE-2023-311xx/CVE-2023-31148.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31149](CVE-2023/CVE-2023-311xx/CVE-2023-31149.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31150](CVE-2023/CVE-2023-311xx/CVE-2023-31150.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31151](CVE-2023/CVE-2023-311xx/CVE-2023-31151.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31152](CVE-2023/CVE-2023-311xx/CVE-2023-31152.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31153](CVE-2023/CVE-2023-311xx/CVE-2023-31153.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31154](CVE-2023/CVE-2023-311xx/CVE-2023-31154.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31155](CVE-2023/CVE-2023-311xx/CVE-2023-31155.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31156](CVE-2023/CVE-2023-311xx/CVE-2023-31156.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31157](CVE-2023/CVE-2023-311xx/CVE-2023-31157.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31158](CVE-2023/CVE-2023-311xx/CVE-2023-31158.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31159](CVE-2023/CVE-2023-311xx/CVE-2023-31159.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31160](CVE-2023/CVE-2023-311xx/CVE-2023-31160.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31161](CVE-2023/CVE-2023-311xx/CVE-2023-31161.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31162](CVE-2023/CVE-2023-311xx/CVE-2023-31162.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31163](CVE-2023/CVE-2023-311xx/CVE-2023-31163.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31164](CVE-2023/CVE-2023-311xx/CVE-2023-31164.json) (`2023-05-11T13:36:30.643`)
* [CVE-2023-31165](CVE-2023/CVE-2023-311xx/CVE-2023-31165.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-31166](CVE-2023/CVE-2023-311xx/CVE-2023-31166.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-31413](CVE-2023/CVE-2023-314xx/CVE-2023-31413.json) (`2023-05-11T13:56:23.657`)
* [CVE-2023-31414](CVE-2023/CVE-2023-314xx/CVE-2023-31414.json) (`2023-05-11T13:43:42.117`)
* [CVE-2023-31415](CVE-2023/CVE-2023-314xx/CVE-2023-31415.json) (`2023-05-11T13:38:07.060`)
* [CVE-2023-31442](CVE-2023/CVE-2023-314xx/CVE-2023-31442.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-31473](CVE-2023/CVE-2023-314xx/CVE-2023-31473.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-31475](CVE-2023/CVE-2023-314xx/CVE-2023-31475.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-31477](CVE-2023/CVE-2023-314xx/CVE-2023-31477.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-31498](CVE-2023/CVE-2023-314xx/CVE-2023-31498.json) (`2023-05-11T13:36:16.323`)
* [CVE-2023-32070](CVE-2023/CVE-2023-320xx/CVE-2023-32070.json) (`2023-05-11T13:36:34.880`)
* [CVE-2023-32076](CVE-2023/CVE-2023-320xx/CVE-2023-32076.json) (`2023-05-11T13:36:34.880`)
* [CVE-2023-32080](CVE-2023/CVE-2023-320xx/CVE-2023-32080.json) (`2023-05-11T13:36:25.773`)
* [CVE-2023-32668](CVE-2023/CVE-2023-326xx/CVE-2023-32668.json) (`2023-05-11T13:36:25.773`)
* [CVE-2019-15613](CVE-2019/CVE-2019-156xx/CVE-2019-15613.json) (`2023-05-11T14:00:47.943`)
* [CVE-2020-8120](CVE-2020/CVE-2020-81xx/CVE-2020-8120.json) (`2023-05-11T14:00:35.813`)
* [CVE-2021-40331](CVE-2021/CVE-2021-403xx/CVE-2021-40331.json) (`2023-05-11T14:14:20.707`)
* [CVE-2022-3162](CVE-2022/CVE-2022-31xx/CVE-2022-3162.json) (`2023-05-11T15:15:09.510`)
* [CVE-2022-38707](CVE-2022/CVE-2022-387xx/CVE-2022-38707.json) (`2023-05-11T14:17:11.117`)
* [CVE-2022-43919](CVE-2022/CVE-2022-439xx/CVE-2022-43919.json) (`2023-05-11T14:37:10.943`)
* [CVE-2022-45048](CVE-2022/CVE-2022-450xx/CVE-2022-45048.json) (`2023-05-11T14:26:43.060`)
* [CVE-2023-0179](CVE-2023/CVE-2023-01xx/CVE-2023-0179.json) (`2023-05-11T15:15:09.643`)
* [CVE-2023-1077](CVE-2023/CVE-2023-10xx/CVE-2023-1077.json) (`2023-05-11T15:15:09.787`)
* [CVE-2023-1380](CVE-2023/CVE-2023-13xx/CVE-2023-1380.json) (`2023-05-11T15:15:09.923`)
* [CVE-2023-1544](CVE-2023/CVE-2023-15xx/CVE-2023-1544.json) (`2023-05-11T15:15:10.033`)
* [CVE-2023-1550](CVE-2023/CVE-2023-15xx/CVE-2023-1550.json) (`2023-05-11T15:15:10.163`)
* [CVE-2023-1579](CVE-2023/CVE-2023-15xx/CVE-2023-1579.json) (`2023-05-11T15:15:10.333`)
* [CVE-2023-1652](CVE-2023/CVE-2023-16xx/CVE-2023-1652.json) (`2023-05-11T15:15:10.477`)
* [CVE-2023-22874](CVE-2023/CVE-2023-228xx/CVE-2023-22874.json) (`2023-05-11T14:39:04.307`)
* [CVE-2023-2554](CVE-2023/CVE-2023-25xx/CVE-2023-2554.json) (`2023-05-11T15:03:55.237`)
* [CVE-2023-25930](CVE-2023/CVE-2023-259xx/CVE-2023-25930.json) (`2023-05-11T15:15:10.743`)
* [CVE-2023-26021](CVE-2023/CVE-2023-260xx/CVE-2023-26021.json) (`2023-05-11T15:15:10.957`)
* [CVE-2023-26022](CVE-2023/CVE-2023-260xx/CVE-2023-26022.json) (`2023-05-11T15:15:11.097`)
* [CVE-2023-27555](CVE-2023/CVE-2023-275xx/CVE-2023-27555.json) (`2023-05-11T15:15:11.210`)
* [CVE-2023-27559](CVE-2023/CVE-2023-275xx/CVE-2023-27559.json) (`2023-05-11T15:15:11.347`)
* [CVE-2023-28068](CVE-2023/CVE-2023-280xx/CVE-2023-28068.json) (`2023-05-11T14:50:46.627`)
* [CVE-2023-29255](CVE-2023/CVE-2023-292xx/CVE-2023-29255.json) (`2023-05-11T15:15:11.510`)
* [CVE-2023-29257](CVE-2023/CVE-2023-292xx/CVE-2023-29257.json) (`2023-05-11T15:15:11.630`)
* [CVE-2023-30090](CVE-2023/CVE-2023-300xx/CVE-2023-30090.json) (`2023-05-11T14:21:13.600`)
* [CVE-2023-30122](CVE-2023/CVE-2023-301xx/CVE-2023-30122.json) (`2023-05-11T14:35:41.477`)
* [CVE-2023-30135](CVE-2023/CVE-2023-301xx/CVE-2023-30135.json) (`2023-05-11T14:31:18.483`)
* [CVE-2023-30242](CVE-2023/CVE-2023-302xx/CVE-2023-30242.json) (`2023-05-11T15:10:27.660`)
* [CVE-2023-30243](CVE-2023/CVE-2023-302xx/CVE-2023-30243.json) (`2023-05-11T14:27:54.000`)
* [CVE-2023-30282](CVE-2023/CVE-2023-302xx/CVE-2023-30282.json) (`2023-05-11T15:03:10.123`)
* [CVE-2023-30456](CVE-2023/CVE-2023-304xx/CVE-2023-30456.json) (`2023-05-11T15:15:12.000`)
* [CVE-2023-30624](CVE-2023/CVE-2023-306xx/CVE-2023-30624.json) (`2023-05-11T15:01:12.130`)
* [CVE-2023-32235](CVE-2023/CVE-2023-322xx/CVE-2023-32235.json) (`2023-05-11T14:19:32.100`)
## Download and Usage