admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-30T17:00:24.800205+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-30 17:00:28 +00:00
parent c4b0e34842
commit 13853b6c96
39 changed files with 2110 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
CVE-2021/CVE-2021-468xx/CVE-2021-46897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46897",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-22T19:15:08.240",
"lastModified": "2023-10-23T11:35:01.280",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:25:02.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,82 @@
"value": "views.py en Wagtail CRX CodeRed Extensions (anteriormente CodeRed CMS o coderedcms) anterior a 0.22.3 permite el path traversal hacia arriba protected/..%2f..%2f al servir medios protegidos."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/coderedcorp/coderedcms/compare/v0.22.2...v0.22.3",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://github.com/coderedcorp/coderedcms/issues/448",
"source": "cve@mitre.org"
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://github.com/coderedcorp/coderedcms/pull/450",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wagtailcrx:codered_extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.22.3",
"matchCriteriaId": "4195633E-6F79-4228-AB78-DB844B8FA484"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/coderedcorp/coderedcms/compare/v0.22.2...v0.22.3",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/coderedcorp/coderedcms/issues/448",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/coderedcorp/coderedcms/pull/450",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

94
CVE-2021/CVE-2021-468xx/CVE-2021-46898.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-22T19:15:08.297",
"lastModified": "2023-10-23T11:35:01.280",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:56:43.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,89 @@
"value": "views/switch.py en django-grappelli (tambi\u00e9n conocido como Django Grappelli) anterior a 2.15.2 intenta evitar la redirecci\u00f3n externa con startwith(\"/\") pero esto no considera un ataque de URL relativo al protocolo (por ejemplo, //example.com) ."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sehmaschine/django-grappelli/commit/4ca94bcda0fa2720594506853d85e00c8212968f",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
{
"url": "https://github.com/sehmaschine/django-grappelli/compare/2.15.1...2.15.2",
"source": "cve@mitre.org"
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/sehmaschine/django-grappelli/issues/975",
"source": "cve@mitre.org"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://github.com/sehmaschine/django-grappelli/pull/976",
"source": "cve@mitre.org"
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vonautomatisch:django_grappelli:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.15.2",
"matchCriteriaId": "01233523-51DB-4BA3-8508-64ED220ACB74"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sehmaschine/django-grappelli/commit/4ca94bcda0fa2720594506853d85e00c8212968f",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/sehmaschine/django-grappelli/compare/2.15.1...2.15.2",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/sehmaschine/django-grappelli/issues/975",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/sehmaschine/django-grappelli/pull/976",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

24
CVE-2022/CVE-2022-386xx/CVE-2022-38648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-38648",
"sourceIdentifier": "security@apache.org",
"published": "2022-09-22T15:15:09.350",
"lastModified": "2023-10-15T00:15:10.010",
"vulnStatus": "Modified",
"lastModified": "2023-10-30T16:18:09.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -75,6 +75,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -88,7 +103,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

24
CVE-2022/CVE-2022-401xx/CVE-2022-40146.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40146",
"sourceIdentifier": "security@apache.org",
"published": "2022-09-22T15:15:09.407",
"lastModified": "2023-10-15T00:15:10.087",
"vulnStatus": "Modified",
"lastModified": "2023-10-30T16:17:53.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -75,6 +75,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -88,7 +103,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00021.html",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

55
CVE-2022/CVE-2022-45xx/CVE-2022-4573.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-4573",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-30T15:15:39.653",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAn SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute arbitrary code.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-106014",
"source": "psirt@lenovo.com"
}
]
}

55
CVE-2022/CVE-2022-45xx/CVE-2022-4574.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-4574",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-30T15:15:40.080",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAn SMI handler input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. \u00a0\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-106014",
"source": "psirt@lenovo.com"
}
]
}

55
CVE-2022/CVE-2022-45xx/CVE-2022-4575.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-4575",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-30T15:15:40.493",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA vulnerability due to improper write protection of UEFI variables was reported in the BIOS of some ThinkPad models could allow an attacker with physical or local access and elevated privileges the ability to bypass Secure Boot.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-106014",
"source": "psirt@lenovo.com"
}
]
}

55
CVE-2022/CVE-2022-481xx/CVE-2022-48189.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-48189",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-30T15:15:39.203",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an attacker with local access and elevated privileges to execute arbitrary code. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-106014",
"source": "psirt@lenovo.com"
}
]
}

51
CVE-2023/CVE-2023-304xx/CVE-2023-30492.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30492",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T12:15:08.513",
"lastModified": "2023-10-26T12:58:59.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T15:56:56.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/minimum-purchase-for-woocommerce/wordpress-minimum-purchase-for-woocommerce-plugin-2-0-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:varktech:minimum_purchase_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.0.1",
"matchCriteriaId": "4F53356D-573A-4061-A90B-F8EF252FD4F8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/minimum-purchase-for-woocommerce/wordpress-minimum-purchase-for-woocommerce-plugin-2-0-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-321xx/CVE-2023-32116.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32116",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T13:15:09.413",
"lastModified": "2023-10-26T15:32:27.440",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:27:32.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/custom-post-types/wordpress-custom-post-types-plugin-4-0-12-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:totalpress:custom_post_types:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.12",
"matchCriteriaId": "0589DF0D-267E-44ED-85A9-7B7FBBC95633"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-post-types/wordpress-custom-post-types-plugin-4-0-12-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-340xx/CVE-2023-34051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34051",
"sourceIdentifier": "security@vmware.com",
"published": "2023-10-20T05:15:07.943",
"lastModified": "2023-10-20T11:27:23.627",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:28:40.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,97 @@
"value": "VMware Aria Operations for Logs contiene una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n. Un actor malicioso no autenticado puede inyectar archivos en el sistema operativo de un dispositivo afectado, lo que puede resultar en la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0021.html",
"source": "security@vmware.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F207E7F7-B239-46F4-90FC-D8CC090B72FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E25A8E-8FDD-4B2E-AC3A-5D70C0DEE483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1BA88D24-B7A6-4A4E-A9FF-826FC04578BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "66B2704F-ECEE-4BCD-B7E4-702A87EA3AF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D400E0C-561C-4A87-B047-271DA10288EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FEEA71-A044-41E4-99A3-80095746C997"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "255AB7A4-C8AB-4010-9CE2-F5743CF3C327"
}
]
}
]
}
],
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0021.html",
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-340xx/CVE-2023-34052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34052",
"sourceIdentifier": "security@vmware.com",
"published": "2023-10-20T05:15:08.420",
"lastModified": "2023-10-20T11:27:23.627",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:27:41.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,82 @@
"value": "VMware Aria Operations for Logs contiene una vulnerabilidad de deserializaci\u00f3n. Un actor malintencionado con acceso no administrativo al sistema local puede desencadenar la deserializaci\u00f3n de datos, lo que podr\u00eda provocar una omisi\u00f3n de autenticaci\u00f3n."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0021.html",
"source": "security@vmware.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F207E7F7-B239-46F4-90FC-D8CC090B72FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E25A8E-8FDD-4B2E-AC3A-5D70C0DEE483"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E8FEEA71-A044-41E4-99A3-80095746C997"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:aria_operations_for_logs:8.12:*:*:*:*:*:*:*",
"matchCriteriaId": "255AB7A4-C8AB-4010-9CE2-F5743CF3C327"
}
]
}
]
}
],
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0021.html",
"source": "security@vmware.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-433xx/CVE-2023-43341.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43341",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T22:15:09.123",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:34:20.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,77 @@
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) en Evolution evo v.3.2.3 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un par\u00e1metro uid inyectado en un payload manipulado."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/sromanhu/Evolution-Reflected-XSS---Installation-Connection-",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:evo:evolution_cms:3.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5470FF1E-D2D9-45CD-8321-69BA847BC81A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CVE-2023-43341-Evolution-Reflected-XSS---Installation-Connection-",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sromanhu/Evolution-Reflected-XSS---Installation-Connection-",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-433xx/CVE-2023-43342.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43342",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T22:15:09.557",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:33:39.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,77 @@
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) en opensolution Quick CMS v.6.7 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para el componente Men\u00fa de Idiomas."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/sromanhu/Quick-CMS-Stored-XSS---Languages-Frontend",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opensolution:quick_cms:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0B571ABB-F2E3-4C39-9560-74C3E9E98593"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CVE-2023-43342-Quick-CMS-Stored-XSS---Languages-Frontend",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sromanhu/Quick-CMS-Stored-XSS---Languages-Frontend",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-433xx/CVE-2023-43344.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43344",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T22:15:09.673",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:33:21.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) en opensolution Quick CMS v.6.7 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para el par\u00e1metro SEO - Meta descripci\u00f3n en el componente Men\u00fa de P\u00e1ginas."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opensolution:quick_cms:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0B571ABB-F2E3-4C39-9560-74C3E9E98593"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CVE-2023-43344-Quick-CMS-Stored-XSS---SEO-Meta-description",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-433xx/CVE-2023-43359.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43359",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T22:15:09.720",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:33:04.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "La vulnerabilidad de Cross-Site Scripting (XSS) en CMSmadesimple v.2.2.18 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para los par\u00e1metros de datos Smarty y metadatos espec\u00edficos de la p\u00e1gina en el componente del Men\u00fa del Administrador de Contenido."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF989DA-0199-49AE-A793-1CE18C1E045A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CVE-2023-43359-CMSmadesimple-Stored-XSS----Content-Manager",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-433xx/CVE-2023-43360.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43360",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:31.757",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:31:41.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en CMSmadesimple v.2.2.18 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado en el par\u00e1metro Top Directory en el componente File Picker Menu."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sromanhu/CMSmadesimple-Stored-XSS---File-Picker-extension",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF989DA-0199-49AE-A793-1CE18C1E045A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CMSmadesimple-Stored-XSS---File-Picker-extension",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sromanhu/CVE-2023-43360-CMSmadesimple-Stored-XSS---File-Picker-extension",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-438xx/CVE-2023-43875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43875",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-19T22:15:09.777",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:32:49.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "M\u00faltiples vulnerabilidades de Cross-Site Scripting (XSS) en la instalaci\u00f3n de Subrion CMS v.4.2.1 permiten a un atacante local ejecutar scripts web arbitrarios a trav\u00e9s de un payload manipulado inyectado en bhost, dbname, dbuser, adminusername y adminemail. "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation/blob/main/README.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/sromanhu/Subrion-CMS-Reflected-XSS---Installation/blob/main/README.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intelliants:subrion_cms:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1964CC54-4FD5-44DF-A183-0538C48EA988"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CVE-2023-43875-Subrion-CMS-Reflected-XSS---Installation/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sromanhu/Subrion-CMS-Reflected-XSS---Installation/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-443xx/CVE-2023-44323.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44323",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-10-30T15:15:40.980",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44323",
"source": "psirt@adobe.com"
}
]
}

68
CVE-2023/CVE-2023-453xx/CVE-2023-45394.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45394",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-20T04:15:10.237",
"lastModified": "2023-10-20T11:27:23.627",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:29:24.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en el campo Company en la secci\u00f3n \"Solicitar una cotizaci\u00f3n\" de Small CRM v3.0 permite a un atacante almacenar y ejecutar c\u00f3digo javascript malicioso en el panel de administraci\u00f3n, lo que conduce a la apropiaci\u00f3n de la cuenta de Administrador."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/kartik753/CVE/blob/main/CVE-2023-45394",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:small_crm_project:small_crm:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F51675DD-9B72-44A9-AE72-24AF1B6BA813"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kartik753/CVE/blob/main/CVE-2023-45394",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-454xx/CVE-2023-45471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45471",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-20T04:15:10.720",
"lastModified": "2023-10-20T11:27:23.627",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:29:13.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "El QAD Search Server es vulnerable a Cross-Site Scripting (XSS) Almacenado en versiones hasta la 1.0.0.315 incluida debido a comprobaciones insuficientes de los \u00edndices. Esto hace posible que atacantes no autenticados creen un nuevo \u00edndice e inyecten un script web malicioso en su nombre, que se ejecutar\u00e1 cada vez que un usuario acceda a la p\u00e1gina de b\u00fasqueda."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/itsAptx/CVE-2023-45471",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qad:search_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0.315",
"matchCriteriaId": "64E47609-956F-4E0B-BC52-48BB4293DA27"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/itsAptx/CVE-2023-45471",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-454xx/CVE-2023-45498.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45498",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-27T04:15:10.487",
"lastModified": "2023-10-27T19:15:41.303",
"lastModified": "2023-10-30T15:15:41.553",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/175397/VinChin-VMWare-Backup-7.0-Hardcoded-Credential-Remote-Code-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/31",
"source": "cve@mitre.org"

6
CVE-2023/CVE-2023-454xx/CVE-2023-45499.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45499",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-27T04:15:10.617",
"lastModified": "2023-10-27T19:15:41.360",
"lastModified": "2023-10-30T15:15:41.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/175397/VinChin-VMWare-Backup-7.0-Hardcoded-Credential-Remote-Code-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/31",
"source": "cve@mitre.org"

72
CVE-2023/CVE-2023-458xx/CVE-2023-45815.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45815",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-19T22:15:10.407",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:31:17.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +80,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/ArchiveBox/ArchiveBox/issues/239",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/ArchiveBox/ArchiveBox/security/advisories/GHSA-cr45-98w9-gwqx",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archivebox:archivebox:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.6.2",
"matchCriteriaId": "7E721DF1-19BE-4E74-AAD8-C2C26FB0B887"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ArchiveBox/ArchiveBox/issues/239",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/ArchiveBox/ArchiveBox/security/advisories/GHSA-cr45-98w9-gwqx",
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-458xx/CVE-2023-45822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45822",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-19T21:15:08.930",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:37:49.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,22 +80,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/artifacthub/hub/security/advisories/GHSA-9pc8-m4vp-ggvf",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://www.openpolicyagent.org/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.openpolicyagent.org/docs/latest/#rego",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:artifacthub:hub:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16.0",
"matchCriteriaId": "19535757-82CE-47EA-B827-0273894CF9BD"
}
]
}
]
}
],
"references": [
{
"url": "https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0",
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/artifacthub/hub/security/advisories/GHSA-9pc8-m4vp-ggvf",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.openpolicyagent.org/",
"source": "security-advisories@github.com",
"tags": [
"Mitigation"
]
},
{
"url": "https://www.openpolicyagent.org/docs/latest/#rego",
"source": "security-advisories@github.com",
"tags": [
"Mitigation"
]
}
]
}

70
CVE-2023/CVE-2023-458xx/CVE-2023-45823.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45823",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-19T21:15:09.003",
"lastModified": "2023-10-20T11:27:31.330",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T15:35:37.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +80,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/artifacthub/hub/security/advisories/GHSA-hmq4-c2r4-5q8h",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artifacthub:hub:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.16.0",
"matchCriteriaId": "19535757-82CE-47EA-B827-0273894CF9BD"
}
]
}
]
}
],
"references": [
{
"url": "https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0",
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/artifacthub/hub/security/advisories/GHSA-hmq4-c2r4-5q8h",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-460xx/CVE-2023-46074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46074",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T12:15:08.687",
"lastModified": "2023-10-26T12:58:59.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:21:25.490",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/freshmail-integration/wordpress-freshmail-for-wordpress-plugin-2-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:borbis:freshmail_for_wordpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3.2",
"matchCriteriaId": "B635D748-7FA1-4F02-A9B2-1C0C2321C835"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/freshmail-integration/wordpress-freshmail-for-wordpress-plugin-2-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-460xx/CVE-2023-46076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46076",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T13:15:09.593",
"lastModified": "2023-10-26T15:32:27.440",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:28:35.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-plugin-1-2-100-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rednao:woocommerce_pdf_invoice_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.102",
"matchCriteriaId": "8B8E2CC5-D69E-4802-B00F-B89C0B734FD1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-pdf-invoice-builder/wordpress-woocommerce-pdf-invoice-builder-plugin-1-2-100-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-460xx/CVE-2023-46077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46077",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T13:15:09.667",
"lastModified": "2023-10-26T15:32:23.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:29:04.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/wp-facebook-feed/wordpress-the-awesome-feed-custom-feed-plugin-2-2-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arrowplugins:the_awesome_feed:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.5",
"matchCriteriaId": "E68E6AB0-1B8D-4A40-8753-E2128EDED258"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-facebook-feed/wordpress-the-awesome-feed-custom-feed-plugin-2-2-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-460xx/CVE-2023-46081.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46081",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T13:15:09.747",
"lastModified": "2023-10-26T15:32:23.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:29:47.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/lava-directory-manager/wordpress-lava-directory-manager-plugin-1-1-34-unauth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lava-code:lava_directory_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.34",
"matchCriteriaId": "36295305-4CB1-4B9B-9AA1-73B32F2F0E9C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lava-directory-manager/wordpress-lava-directory-manager-plugin-1-1-34-unauth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-464xx/CVE-2023-46435.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46435",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-26T18:15:08.767",
"lastModified": "2023-10-27T12:41:08.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:20:21.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Sourcecodester Packers and Movers Management System v1.0 es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s de mpms/?p=services/view_service&id."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/kirra-max/bug_reports/blob/main/packers-and-movers-management-system-phpoop-free-source-code/SQL-1.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:packers_and_movers_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00E7A5FB-799D-42CF-97F9-7250B4C49C6B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kirra-max/bug_reports/blob/main/packers-and-movers-management-system-phpoop-free-source-code/SQL-1.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-464xx/CVE-2023-46449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46449",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-26T15:15:09.257",
"lastModified": "2023-10-26T15:32:23.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T15:55:58.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "El sistema de gesti\u00f3n de inventario Gratuito y de C\u00f3digo Abierto Sourcecodester v1.0 es vulnerable a un control de acceso incorrecto. Un usuario arbitrario puede cambiar la contrase\u00f1a de otro usuario y hacerse cargo de la cuenta a trav\u00e9s de IDOR en la funci\u00f3n de cambio de contrase\u00f1a."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/sajaljat/CVE-2023-46449/tree/main",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://www.youtube.com/watch?v=H5QnsOKjs3s",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92A0265A-E1A5-4424-8D30-EC76231AEE53"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sajaljat/CVE-2023-46449/tree/main",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.youtube.com/watch?v=H5QnsOKjs3s",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-464xx/CVE-2023-46450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46450",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-26T15:15:09.317",
"lastModified": "2023-10-26T15:32:23.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T15:55:16.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "El sistema de gesti\u00f3n de inventario Gratuito y de C\u00f3digo Abierto Sourcecodester v1.0 es vulnerable a Cross Site Scripting (XSS) a trav\u00e9s de la funci\u00f3n Agregar proveedor."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/yte121/-CVE-2023-46450/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://youtu.be/LQy0_xIK2q0",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92A0265A-E1A5-4424-8D30-EC76231AEE53"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yte121/-CVE-2023-46450/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://youtu.be/LQy0_xIK2q0",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-49xx/CVE-2023-4964.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-4964",
"sourceIdentifier": "security@opentext.com",
"published": "2023-10-30T15:15:42.197",
"lastModified": "2023-10-30T15:28:31.260",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Potential open redirect vulnerability\nin opentext Service Management Automation X\n(SMAX) versions 2020.05, 2020.08,\n2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11 and opentext Asset\nManagement X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11. The\nvulnerability could allow attackers to redirect a user to\nmalicious websites.\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@opentext.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@opentext.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000022703?language=en_US",
"source": "security@opentext.com"
}
]
}

81
CVE-2023/CVE-2023-57xx/CVE-2023-5790.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5790",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-26T17:15:10.080",
"lastModified": "2023-10-26T17:33:34.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:33:03.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -64,6 +86,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +107,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/Yp1oneer/cve_hub/blob/main/File%20Manager%20App/Unrestricted%20File%20Upload.pdf",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.243595",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.243595",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:remyandrade:file_manager_app:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "13DCEB1D-966B-4E2E-99F8-F04FF9720D86"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Yp1oneer/cve_hub/blob/main/File%20Manager%20App/Unrestricted%20File%20Upload.pdf",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.243595",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.243595",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-57xx/CVE-2023-5791.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5791",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-26T17:15:10.167",
"lastModified": "2023-10-26T17:33:34.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:34:21.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -64,6 +86,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +107,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/Yp1oneer/cve_hub/blob/main/Sticky%20Notes%20App/Cross%20Site%20Scripting.pdf",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.243597",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.243597",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:remyandrade:sticky_notes_app:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A761D294-F1B2-4BB1-BA12-1D230E8F4177"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Yp1oneer/cve_hub/blob/main/Sticky%20Notes%20App/Cross%20Site%20Scripting.pdf",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.243597",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.243597",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-57xx/CVE-2023-5792.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5792",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-26T17:15:10.250",
"lastModified": "2023-10-26T17:33:34.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:34:50.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -64,6 +86,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +107,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/Yp1oneer/cve_hub/blob/main/Sticky%20Notes%20App/SQL%20Injection-1.pdf",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.243598",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.243598",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:remyandrade:sticky_notes_app:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A761D294-F1B2-4BB1-BA12-1D230E8F4177"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Yp1oneer/cve_hub/blob/main/Sticky%20Notes%20App/SQL%20Injection-1.pdf",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.243598",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.243598",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-58xx/CVE-2023-5802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5802",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-26T12:15:08.817",
"lastModified": "2023-10-26T12:58:59.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-30T16:23:18.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/wp-knowledgebase/wordpress-wp-knowledgebase-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpknowledgebase:wp_knowledgebase:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.4",
"matchCriteriaId": "B32E6C93-1862-4B23-8714-601485312B20"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-knowledgebase/wordpress-wp-knowledgebase-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-30T15:00:24.334469+00:00
2023-10-30T17:00:24.800205+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-30T14:55:59.993000+00:00
2023-10-30T16:34:50.407000+00:00
```
### Last Data Feed Release
@ -29,48 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
229156
229162
```
### CVEs added in the last Commit
Recently added CVEs: `22`
Recently added CVEs: `6`
* [CVE-2018-11103](CVE-2018/CVE-2018-111xx/CVE-2018-11103.json) (`2023-10-30T14:15:08.817`)
* [CVE-2020-25870](CVE-2020/CVE-2020-258xx/CVE-2020-25870.json) (`2023-10-30T14:15:08.897`)
* [CVE-2022-48190](CVE-2022/CVE-2022-481xx/CVE-2022-48190.json) (`2023-10-30T14:15:08.977`)
* [CVE-2023-5832](CVE-2023/CVE-2023-58xx/CVE-2023-5832.json) (`2023-10-30T13:15:31.690`)
* [CVE-2023-5833](CVE-2023/CVE-2023-58xx/CVE-2023-5833.json) (`2023-10-30T13:15:31.917`)
* [CVE-2023-40943](CVE-2023/CVE-2023-409xx/CVE-2023-40943.json) (`2023-10-30T14:15:09.037`)
* [CVE-2023-41605](CVE-2023/CVE-2023-416xx/CVE-2023-41605.json) (`2023-10-30T14:15:09.080`)
* [CVE-2023-44078](CVE-2023/CVE-2023-440xx/CVE-2023-44078.json) (`2023-10-30T14:15:09.123`)
* [CVE-2023-5049](CVE-2023/CVE-2023-50xx/CVE-2023-5049.json) (`2023-10-30T14:15:09.167`)
* [CVE-2023-5164](CVE-2023/CVE-2023-51xx/CVE-2023-5164.json) (`2023-10-30T14:15:09.240`)
* [CVE-2023-5199](CVE-2023/CVE-2023-51xx/CVE-2023-5199.json) (`2023-10-30T14:15:09.307`)
* [CVE-2023-5250](CVE-2023/CVE-2023-52xx/CVE-2023-5250.json) (`2023-10-30T14:15:09.383`)
* [CVE-2023-5251](CVE-2023/CVE-2023-52xx/CVE-2023-5251.json) (`2023-10-30T14:15:09.457`)
* [CVE-2023-5252](CVE-2023/CVE-2023-52xx/CVE-2023-5252.json) (`2023-10-30T14:15:09.530`)
* [CVE-2023-5315](CVE-2023/CVE-2023-53xx/CVE-2023-5315.json) (`2023-10-30T14:15:09.597`)
* [CVE-2023-5335](CVE-2023/CVE-2023-53xx/CVE-2023-5335.json) (`2023-10-30T14:15:09.667`)
* [CVE-2023-5362](CVE-2023/CVE-2023-53xx/CVE-2023-5362.json) (`2023-10-30T14:15:09.733`)
* [CVE-2023-5565](CVE-2023/CVE-2023-55xx/CVE-2023-5565.json) (`2023-10-30T14:15:09.973`)
* [CVE-2023-5566](CVE-2023/CVE-2023-55xx/CVE-2023-5566.json) (`2023-10-30T14:15:10.043`)
* [CVE-2023-5583](CVE-2023/CVE-2023-55xx/CVE-2023-5583.json) (`2023-10-30T14:15:10.120`)
* [CVE-2023-5666](CVE-2023/CVE-2023-56xx/CVE-2023-5666.json) (`2023-10-30T14:15:10.183`)
* [CVE-2023-5843](CVE-2023/CVE-2023-58xx/CVE-2023-5843.json) (`2023-10-30T14:15:10.253`)
* [CVE-2022-48189](CVE-2022/CVE-2022-481xx/CVE-2022-48189.json) (`2023-10-30T15:15:39.203`)
* [CVE-2022-4573](CVE-2022/CVE-2022-45xx/CVE-2022-4573.json) (`2023-10-30T15:15:39.653`)
* [CVE-2022-4574](CVE-2022/CVE-2022-45xx/CVE-2022-4574.json) (`2023-10-30T15:15:40.080`)
* [CVE-2022-4575](CVE-2022/CVE-2022-45xx/CVE-2022-4575.json) (`2023-10-30T15:15:40.493`)
* [CVE-2023-44323](CVE-2023/CVE-2023-443xx/CVE-2023-44323.json) (`2023-10-30T15:15:40.980`)
* [CVE-2023-4964](CVE-2023/CVE-2023-49xx/CVE-2023-4964.json) (`2023-10-30T15:15:42.197`)
### CVEs modified in the last Commit
Recently modified CVEs: `7`
Recently modified CVEs: `32`
* [CVE-2022-25332](CVE-2022/CVE-2022-253xx/CVE-2022-25332.json) (`2023-10-30T13:44:07.793`)
* [CVE-2023-45813](CVE-2023/CVE-2023-458xx/CVE-2023-45813.json) (`2023-10-30T13:37:36.380`)
* [CVE-2023-46324](CVE-2023/CVE-2023-463xx/CVE-2023-46324.json) (`2023-10-30T13:46:10.107`)
* [CVE-2023-5524](CVE-2023/CVE-2023-55xx/CVE-2023-5524.json) (`2023-10-30T13:50:35.243`)
* [CVE-2023-45146](CVE-2023/CVE-2023-451xx/CVE-2023-45146.json) (`2023-10-30T14:14:07.753`)
* [CVE-2023-43492](CVE-2023/CVE-2023-434xx/CVE-2023-43492.json) (`2023-10-30T14:33:25.570`)
* [CVE-2023-45812](CVE-2023/CVE-2023-458xx/CVE-2023-45812.json) (`2023-10-30T14:55:59.993`)
* [CVE-2023-34051](CVE-2023/CVE-2023-340xx/CVE-2023-34051.json) (`2023-10-30T15:28:40.420`)
* [CVE-2023-45471](CVE-2023/CVE-2023-454xx/CVE-2023-45471.json) (`2023-10-30T15:29:13.613`)
* [CVE-2023-45394](CVE-2023/CVE-2023-453xx/CVE-2023-45394.json) (`2023-10-30T15:29:24.470`)
* [CVE-2023-45815](CVE-2023/CVE-2023-458xx/CVE-2023-45815.json) (`2023-10-30T15:31:17.737`)
* [CVE-2023-43875](CVE-2023/CVE-2023-438xx/CVE-2023-43875.json) (`2023-10-30T15:32:49.323`)
* [CVE-2023-43359](CVE-2023/CVE-2023-433xx/CVE-2023-43359.json) (`2023-10-30T15:33:04.453`)
* [CVE-2023-43344](CVE-2023/CVE-2023-433xx/CVE-2023-43344.json) (`2023-10-30T15:33:21.567`)
* [CVE-2023-43342](CVE-2023/CVE-2023-433xx/CVE-2023-43342.json) (`2023-10-30T15:33:39.503`)
* [CVE-2023-43341](CVE-2023/CVE-2023-433xx/CVE-2023-43341.json) (`2023-10-30T15:34:20.017`)
* [CVE-2023-45823](CVE-2023/CVE-2023-458xx/CVE-2023-45823.json) (`2023-10-30T15:35:37.783`)
* [CVE-2023-45822](CVE-2023/CVE-2023-458xx/CVE-2023-45822.json) (`2023-10-30T15:37:49.727`)
* [CVE-2023-46450](CVE-2023/CVE-2023-464xx/CVE-2023-46450.json) (`2023-10-30T15:55:16.417`)
* [CVE-2023-46449](CVE-2023/CVE-2023-464xx/CVE-2023-46449.json) (`2023-10-30T15:55:58.057`)
* [CVE-2023-30492](CVE-2023/CVE-2023-304xx/CVE-2023-30492.json) (`2023-10-30T15:56:56.320`)
* [CVE-2023-46435](CVE-2023/CVE-2023-464xx/CVE-2023-46435.json) (`2023-10-30T16:20:21.103`)
* [CVE-2023-46074](CVE-2023/CVE-2023-460xx/CVE-2023-46074.json) (`2023-10-30T16:21:25.490`)
* [CVE-2023-5802](CVE-2023/CVE-2023-58xx/CVE-2023-5802.json) (`2023-10-30T16:23:18.107`)
* [CVE-2023-32116](CVE-2023/CVE-2023-321xx/CVE-2023-32116.json) (`2023-10-30T16:27:32.430`)
* [CVE-2023-46076](CVE-2023/CVE-2023-460xx/CVE-2023-46076.json) (`2023-10-30T16:28:35.143`)
* [CVE-2023-46077](CVE-2023/CVE-2023-460xx/CVE-2023-46077.json) (`2023-10-30T16:29:04.847`)
* [CVE-2023-46081](CVE-2023/CVE-2023-460xx/CVE-2023-46081.json) (`2023-10-30T16:29:47.100`)
* [CVE-2023-43360](CVE-2023/CVE-2023-433xx/CVE-2023-43360.json) (`2023-10-30T16:31:41.030`)
* [CVE-2023-5790](CVE-2023/CVE-2023-57xx/CVE-2023-5790.json) (`2023-10-30T16:33:03.000`)
* [CVE-2023-5791](CVE-2023/CVE-2023-57xx/CVE-2023-5791.json) (`2023-10-30T16:34:21.550`)
* [CVE-2023-5792](CVE-2023/CVE-2023-57xx/CVE-2023-5792.json) (`2023-10-30T16:34:50.407`)
## Download and Usage