admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-07T16:00:26.958077+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-07 16:00:30 +00:00
parent 5e11a5b2e2
commit 140d1ba0dc
41 changed files with 1685 additions and 199 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
CVE-2022/CVE-2022-268xx/CVE-2022-26899.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26899",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-29T02:15:15.657",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:25:16.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
@ -38,10 +58,44 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899",
"source": "secure@microsoft.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "99.0.1150.46",
"matchCriteriaId": "92F5C69F-66A7-4E1D-8EBD-BE4284D198FE"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26899",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

66
CVE-2022/CVE-2022-291xx/CVE-2022-29144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29144",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-29T01:15:49.663",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T15:30:20.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
@ -34,10 +54,44 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29144",
"source": "secure@microsoft.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "100.0.1185.44",
"matchCriteriaId": "881EC031-6B27-4BF3-9025-D4BFF008DABE"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29144",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

66
CVE-2022/CVE-2022-291xx/CVE-2022-29146.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29146",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-29T01:15:50.000",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T15:35:31.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,13 +35,67 @@
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 6.0
}
]
},
"references": [
"weaknesses": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29146",
"source": "secure@microsoft.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "101.0.1210.32",
"matchCriteriaId": "7BD5FE28-855F-4916-9319-AD722B0C074F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29146",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2022/CVE-2022-291xx/CVE-2022-29147.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29147",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-29T01:15:50.450",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:17:29.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29147",
"source": "secure@microsoft.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "101.0.1210.32",
"matchCriteriaId": "7BD5FE28-855F-4916-9319-AD722B0C074F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29147",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

144
CVE-2022/CVE-2022-485xx/CVE-2022-48506.json
View File

@ -2,31 +2,147 @@
"id": "CVE-2022-48506",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-19T16:15:09.640",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T15:05:08.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. This issue was observed for use of the following versions of Democracy Suite: 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, 5.15. NOTE: the Democracy Suite 5.17 EAC Certificate of Conformance mentions \"Improved pseudo random number algorithm,\" which may be relevant."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://dvsorder.org",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
{
"url": "https://freedom-to-tinker.com/2023/06/14/security-analysis-of-the-dominion-imagecast-x/",
"source": "cve@mitre.org"
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"url": "https://www.eac.gov/sites/default/files/voting_system/files/D-Suite%205.17%20Certificate%20and%20Scope%20SIGNED.pdf",
"source": "cve@mitre.org"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://www.eac.gov/voting-equipment/democracy-suite-517",
"source": "cve@mitre.org"
"lang": "en",
"value": "CWE-338"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C96C588C-91C5-4ADA-B57C-2782A7680049"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.4-nm:*:*:*:*:*:*:*",
"matchCriteriaId": "13DE0AC2-4F93-4B37-8298-585A4C3F9B06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "794A59AC-D8F7-4D84-8A6E-96EFB68660ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.5-a:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF6FA8A-7FEE-473C-BB74-D5DC7A9FE24A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.5-b:*:*:*:*:*:*:*",
"matchCriteriaId": "76387381-DC43-4A66-BD1C-EF8B6475E54D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.5-c:*:*:*:*:*:*:*",
"matchCriteriaId": "9FC242C7-7071-4C7B-BD7E-80EBEE01E7D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.5-d:*:*:*:*:*:*:*",
"matchCriteriaId": "636DB368-C0B6-4663-B037-3ACA5E5F2460"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.7-a:*:*:*:*:*:*:*",
"matchCriteriaId": "03748324-A166-46A3-8EE8-3048571A6425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4F3CB3-B078-45D4-A47F-68E17BA4715C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.10a:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2B3610-96FC-476D-8B2F-1B12813D5B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:dominionvoting:democracy_suite:5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F2ABD676-3429-4DC9-921C-5CC762F70F4F"
}
]
}
]
}
],
"references": [
{
"url": "https://dvsorder.org",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://freedom-to-tinker.com/2023/06/14/security-analysis-of-the-dominion-imagecast-x/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.eac.gov/sites/default/files/voting_system/files/D-Suite%205.17%20Certificate%20and%20Scope%20SIGNED.pdf",
"source": "cve@mitre.org",
"tags": [
"Product",
"US Government Resource"
]
},
{
"url": "https://www.eac.gov/voting-equipment/democracy-suite-517",
"source": "cve@mitre.org",
"tags": [
"Product",
"US Government Resource"
]
}
]
}

86
CVE-2023/CVE-2023-253xx/CVE-2023-25366.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-25366",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T16:15:09.263",
"lastModified": "2023-06-16T16:41:02.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:14:53.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI interface discloses web password."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25366.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://siglent.com",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siglent:sds_1104x-e_firmware:sds1xx4x-e_v6.1.37r9.ads:*:*:*:*:*:*:*",
"matchCriteriaId": "DF70D4E4-3F90-4CF5-91ED-815577756B39"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siglent:sds_1104x-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C935C66-5FA7-48D3-9650-A7D2236C38BD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25366.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://siglent.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

98
CVE-2023/CVE-2023-264xx/CVE-2023-26427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26427",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.073",
"lastModified": "2023-06-22T15:15:10.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:31:30.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "security@open-xchange.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "security@open-xchange.com",
"type": "Secondary",
@ -46,22 +76,64 @@
]
}
],
"references": [
"configurations": [
{
"url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html",
"source": "security@open-xchange.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10.6",
"matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F"
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",
"source": "security@open-xchange.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*",
"matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
]
}
]
}

190
CVE-2023/CVE-2023-289xx/CVE-2023-28929.json
View File

@ -2,19 +2,197 @@
"id": "CVE-2023-28929",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:09.733",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:12:11.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-19062",
"source": "security@trendmicro.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:antivirus\\+_security_2021:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.0.1412",
"matchCriteriaId": "CE0F9724-D955-435A-AA01-88DC5D097202"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:internet_security_2021:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.0.1412",
"matchCriteriaId": "98F87CB2-043E-4840-9BDB-94DEADDB45B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:maximum_security_2021:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.0.1412",
"matchCriteriaId": "52BED273-F568-44A6-A4E6-EA47DEE456AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:premium_security_2021:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.0.1412",
"matchCriteriaId": "FD1356F4-D159-4B8B-826C-4924BD2704C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:antivirus\\+_security_2022:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "9D6FC368-0C19-4305-B795-C6B8D1762C04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:internet_security_2022:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "BF1430D6-5373-4B65-A178-3F9AA3BC59F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:maximum_security_2022:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "DA389598-92CB-4FD5-8589-B4BDC8E6B304"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:premium_security_2022:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "EF3517E4-310E-4018-8AAF-79276A1FBD27"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:antivirus\\+_security_2023:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "35E7CA3C-D4DF-4AAF-95FE-797B2D39A96D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:internet_security_2023:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "D6C50CA3-D54A-4C3D-9FE3-0CB2D112A488"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:maximum_security_2023:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "A2A9A81B-252B-463D-BD28-7EF505009468"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:premium_security_2023:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.7.1476",
"matchCriteriaId": "90E3DEF9-B144-441A-8A00-BC1D4EAD9DB0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-19062",
"source": "security@trendmicro.com",
"tags": [
"Vendor Advisory"
]
}
]
}

12
CVE-2023/CVE-2023-305xx/CVE-2023-30501.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30501",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.493",
"lastModified": "2023-05-25T15:22:05.390",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.303",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,12 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

11
CVE-2023/CVE-2023-305xx/CVE-2023-30502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30502",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.567",
"lastModified": "2023-05-25T15:31:55.457",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.440",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,11 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

11
CVE-2023/CVE-2023-305xx/CVE-2023-30503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30503",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.630",
"lastModified": "2023-05-25T15:32:10.817",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.537",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,11 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

11
CVE-2023/CVE-2023-305xx/CVE-2023-30504.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30504",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.693",
"lastModified": "2023-05-25T15:32:19.507",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.620",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,11 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

11
CVE-2023/CVE-2023-305xx/CVE-2023-30505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30505",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.757",
"lastModified": "2023-05-25T15:32:44.243",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.693",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,11 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

11
CVE-2023/CVE-2023-305xx/CVE-2023-30506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30506",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.817",
"lastModified": "2023-05-25T15:32:52.403",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.777",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,11 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

12
CVE-2023/CVE-2023-305xx/CVE-2023-30507.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30507",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.893",
"lastModified": "2023-05-25T15:41:52.120",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.863",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,12 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

12
CVE-2023/CVE-2023-305xx/CVE-2023-30508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30508",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:09.980",
"lastModified": "2023-05-25T15:42:02.047",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:09.943",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,12 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

12
CVE-2023/CVE-2023-305xx/CVE-2023-30509.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30509",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:10.067",
"lastModified": "2023-05-25T15:42:19.017",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:10.013",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,12 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

12
CVE-2023/CVE-2023-305xx/CVE-2023-30510.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30510",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-16T19:15:10.140",
"lastModified": "2023-05-25T15:42:58.103",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T15:15:10.090",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,12 +100,8 @@
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt",
"source": "security-alert@hpe.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt",
"source": "security-alert@hpe.com"
}
]
}

84
CVE-2023/CVE-2023-326xx/CVE-2023-32610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32610",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-29T01:15:50.913",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:55:04.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,81 @@
"value": "Mailform Pro CGI v4.3.1.2 y anteriores permiten a un atacante remoto no autenticado causar una condici\u00f3n de Denegaci\u00f3n de Servicios (DoS). "
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://jvn.jp/en/jp/JVN70502982/index.html",
"source": "vultures@jpcert.or.jp"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
{
"url": "https://www.synck.com/blogs/news/newsroom/detail_1686638620.html",
"source": "vultures@jpcert.or.jp"
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.synck.com/downloads/cgi-perl/mailformpro/feature_1361268679.html",
"source": "vultures@jpcert.or.jp"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synck:mailform_pro_cgi:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.3.1.2",
"matchCriteriaId": "A24C203E-8293-4895-92C5-56622AEBACB8"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN70502982/index.html",
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.synck.com/blogs/news/newsroom/detail_1686638620.html",
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.synck.com/downloads/cgi-perl/mailformpro/feature_1361268679.html",
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-32xx/CVE-2023-3243.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-3243",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2023-06-28T21:15:10.310",
"lastModified": "2023-06-29T15:35:43.220",
"lastModified": "2023-07-07T14:15:09.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** \n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\nand utilize it to create new sessions. The hash is also a poorly salted MD5\nhash, which could result in a successful brute force password attack.\u00a0Recommended fix: Upgrade to a supported product such\nas Alerton\nACM.] Out of an abundance of caution, this CVE ID is being assigned to \nbetter serve our customers and ensure all who are still running this product understand \nthat the product is end of life and should be removed or upgraded.\u00a0\n\n\n\n\n\n\n\n"
"value": "** UNSUPPPORTED WHEN ASSIGNED ** \n** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an authenticating hash\nand utilize it to create new sessions. The hash is also a poorly salted MD5\nhash, which could result in a successful brute force password attack. Impacted product is BCM-WEB version 3.3.X.\u00a0Recommended fix: Upgrade to a supported product such\nas Alerton\nACM.] Out of an abundance of caution, this CVE ID is being assigned to \nbetter serve our customers and ensure all who are still running this product understand \nthat the product is end of life and should be removed or upgraded.\u00a0\n\n\n\n\n\n\n\n"
}
],
"metrics": {

107
CVE-2023/CVE-2023-33xx/CVE-2023-3355.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3355",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-28T21:15:10.383",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:00:49.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msm_gem_submit.c code in the submit_lookup_cmds function, which fails because it lacks a check of the return value of kmalloc(). This issue allows a local user to crash the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,72 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d839f0811a31322c087a859c2b181e2383daa7be",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*",
"matchCriteriaId": "DE093B34-F4CD-4052-8122-730D6537A91A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*",
"matchCriteriaId": "8535320E-A0DB-4277-800E-D0CE5BBA59E8"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d839f0811a31322c087a859c2b181e2383daa7be",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

4
CVE-2023/CVE-2023-341xx/CVE-2023-34197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34197",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T13:15:09.273",
"lastModified": "2023-07-07T13:15:09.273",
"vulnStatus": "Received",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

85
CVE-2023/CVE-2023-348xx/CVE-2023-34840.json
View File

@ -2,27 +2,90 @@
"id": "CVE-2023-34840",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T16:15:09.600",
"lastModified": "2023-06-30T18:05:17.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:37:15.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "http://alexcrack.com",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
{
"url": "https://github.com/Xh4H/CVE-2023-34840",
"source": "cve@mitre.org"
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/alexcrack/angular-ui-notification",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:angular-ui-notification_project:angular-ui-notification:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.3.6",
"matchCriteriaId": "AD31E0E6-91B3-452C-93CF-5D422CB4B025"
}
]
}
]
}
],
"references": [
{
"url": "http://alexcrack.com",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/Xh4H/CVE-2023-34840",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/alexcrack/angular-ui-notification",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

75
CVE-2023/CVE-2023-350xx/CVE-2023-35042.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-35042",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-12T15:15:09.820",
"lastModified": "2023-06-23T06:15:11.327",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-07T15:28:32.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** GeoServer 2, in some configurations, allows remote attackers to execute arbitrary code via java.lang.Runtime.getRuntime().exec in wps:LiteralData within a wps:Execute request, as exploited in the wild in June 2023. NOTE: the vendor states that they are unable to reproduce this in any version."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://docs.geoserver.org/stable/en/user/services/wps/operations.html#execute",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://isc.sans.edu/diary/29936",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geoserver:geoserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"matchCriteriaId": "E1D34052-AC8F-45BB-AFEE-4881BE46CD74"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.geoserver.org/stable/en/user/services/wps/operations.html#execute",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://isc.sans.edu/diary/29936",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-351xx/CVE-2023-35163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35163",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.473",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T15:49:08.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 4.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/vegaprotocol/vega/commit/56b09bf57af8cd9eca5996252d86f469a3e34c68",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/vegaprotocol/vega/releases/tag/v0.71.6",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/vegaprotocol/vega/security/advisories/GHSA-8rc9-vxjh-qjf2",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:vega:vega:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.71.6",
"matchCriteriaId": "7A46D02F-2D89-4019-8A68-1442F769F7F4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vegaprotocol/vega/commit/56b09bf57af8cd9eca5996252d86f469a3e34c68",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/vegaprotocol/vega/releases/tag/v0.71.6",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/vegaprotocol/vega/security/advisories/GHSA-8rc9-vxjh-qjf2",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

104
CVE-2023/CVE-2023-358xx/CVE-2023-35866.json
View File

@ -2,35 +2,103 @@
"id": "CVE-2023-35866",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-19T06:15:09.240",
"lastModified": "2023-06-21T13:15:10.160",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:01:33.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** In KeePassXC through 2.7.5, a local attacker can make changes to the Database security settings, including master password and second-factor authentication, within an authenticated KeePassXC Database session, without the need to authenticate these changes by entering the password and/or second-factor authentication to confirm changes. NOTE: the vendor's position is \"asking the user for their password prior to making any changes to the database settings adds no additional protection against a local attacker.\""
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/keepassxreboot/keepassxc/issues/9339",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://github.com/keepassxreboot/keepassxc/issues/9339#issuecomment-1598219482",
"source": "cve@mitre.org"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://github.com/keepassxreboot/keepassxc/issues/9391",
"source": "cve@mitre.org"
},
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"url": "https://keepassxc.org/docs/#faq-yubikey-2fa",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@cybercitizen.tech/keepassxc-vulnerability-cve-2023-35866-dc7d447c4903",
"source": "cve@mitre.org"
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:keepassxc:keepassxc:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.7.5",
"matchCriteriaId": "C5AD47BA-25BE-4E45-ABCF-CF8AA101034D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/keepassxreboot/keepassxc/issues/9339",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/keepassxreboot/keepassxc/issues/9339#issuecomment-1598219482",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/keepassxreboot/keepassxc/issues/9391",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://keepassxc.org/docs/#faq-yubikey-2fa",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://medium.com/@cybercitizen.tech/keepassxc-vulnerability-cve-2023-35866-dc7d447c4903",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-35xx/CVE-2023-3535.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3535",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T13:15:09.393",
"lastModified": "2023-07-07T13:15:09.393",
"vulnStatus": "Received",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-35xx/CVE-2023-3536.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3536",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T13:15:09.477",
"lastModified": "2023-07-07T13:15:09.477",
"vulnStatus": "Received",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

84
CVE-2023/CVE-2023-35xx/CVE-2023-3537.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3537",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T14:15:09.757",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in SimplePHPscripts News Script PHP Pro 2.4. This affects an unknown part of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The identifier VDB-233289 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233289",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233289",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-35xx/CVE-2023-3538.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3538",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T14:15:09.850",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in SimplePHPscripts Photo Gallery PHP 2.0. This vulnerability affects unknown code of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. VDB-233290 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233290",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233290",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-35xx/CVE-2023-3539.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3539",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T15:15:10.230",
"lastModified": "2023-07-07T15:46:57.830",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in SimplePHPscripts Simple Forum PHP 2.7. This issue affects some unknown processing of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-233291."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233291",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233291",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-35xx/CVE-2023-3540.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3540",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T15:15:10.317",
"lastModified": "2023-07-07T15:46:57.830",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in SimplePHPscripts NewsLetter Script PHP 2.4. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-233292."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233292",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233292",
"source": "cna@vuldb.com"
}
]
}

80
CVE-2023/CVE-2023-364xx/CVE-2023-36474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36474",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-28T22:15:09.503",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T14:54:51.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,52 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/projectdiscovery/interactsh/issues/136",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/projectdiscovery/interactsh/pull/155",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/projectdiscovery/interactsh/security/advisories/GHSA-m36x-mgfh-8g78",
"source": "security-advisories@github.com"
},
{
"url": "https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:projectdiscovery:interactsh:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0",
"matchCriteriaId": "B784FE37-ACDC-4D8A-B3B0-3A72EFBCACC6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/projectdiscovery/interactsh/issues/136",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/projectdiscovery/interactsh/pull/155",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/projectdiscovery/interactsh/security/advisories/GHSA-m36x-mgfh-8g78",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/",
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
}
]
}

20
CVE-2023/CVE-2023-371xx/CVE-2023-37144.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-37144",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T14:15:09.363",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v15.03.06.26 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DaDong-G/Vulnerability_info/blob/main/ac10_command_injection/Readme.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-371xx/CVE-2023-37145.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-37145",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T14:15:09.433",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/1/Readme.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-371xx/CVE-2023-37146.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-37146",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T14:15:09.500",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DaDong-G/Vulnerability_info/tree/main/TOTOLINK/lr350/2",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-371xx/CVE-2023-37148.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-37148",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T14:15:09.570",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the ussd parameter in the setUssd function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/3/README.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-371xx/CVE-2023-37149.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-37149",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T14:15:09.617",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/4/README.md",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-373xx/CVE-2023-37308.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37308",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T13:15:09.337",
"lastModified": "2023-07-07T13:15:09.337",
"vulnStatus": "Received",
"lastModified": "2023-07-07T14:54:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-373xx/CVE-2023-37378.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-37378",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T20:15:09.620",
"lastModified": "2023-07-03T20:31:37.327",
"lastModified": "2023-07-07T15:15:10.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -28,6 +28,10 @@
"url": "https://github.com/kichik/nsis/commit/c40cf78994e74a1a3a381a850c996b251e3277c0",
"source": "cve@mitre.org"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00005.html",
"source": "cve@mitre.org"
},
{
"url": "https://nsis.sourceforge.io/Docs/AppendixF.html#v3.09",
"source": "cve@mitre.org"

75
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-07T14:00:27.079002+00:00
2023-07-07T16:00:26.958077+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-07T13:55:14.693000+00:00
2023-07-07T15:49:08.983000+00:00
```
### Last Data Feed Release
@ -29,50 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
219445
219454
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `9`
* [CVE-2020-8934](CVE-2020/CVE-2020-89xx/CVE-2020-8934.json) (`2023-07-07T12:15:09.290`)
* [CVE-2023-3534](CVE-2023/CVE-2023-35xx/CVE-2023-3534.json) (`2023-07-07T12:15:09.447`)
* [CVE-2023-34197](CVE-2023/CVE-2023-341xx/CVE-2023-34197.json) (`2023-07-07T13:15:09.273`)
* [CVE-2023-37308](CVE-2023/CVE-2023-373xx/CVE-2023-37308.json) (`2023-07-07T13:15:09.337`)
* [CVE-2023-3535](CVE-2023/CVE-2023-35xx/CVE-2023-3535.json) (`2023-07-07T13:15:09.393`)
* [CVE-2023-3536](CVE-2023/CVE-2023-35xx/CVE-2023-3536.json) (`2023-07-07T13:15:09.477`)
* [CVE-2023-37144](CVE-2023/CVE-2023-371xx/CVE-2023-37144.json) (`2023-07-07T14:15:09.363`)
* [CVE-2023-37145](CVE-2023/CVE-2023-371xx/CVE-2023-37145.json) (`2023-07-07T14:15:09.433`)
* [CVE-2023-37146](CVE-2023/CVE-2023-371xx/CVE-2023-37146.json) (`2023-07-07T14:15:09.500`)
* [CVE-2023-37148](CVE-2023/CVE-2023-371xx/CVE-2023-37148.json) (`2023-07-07T14:15:09.570`)
* [CVE-2023-37149](CVE-2023/CVE-2023-371xx/CVE-2023-37149.json) (`2023-07-07T14:15:09.617`)
* [CVE-2023-3537](CVE-2023/CVE-2023-35xx/CVE-2023-3537.json) (`2023-07-07T14:15:09.757`)
* [CVE-2023-3538](CVE-2023/CVE-2023-35xx/CVE-2023-3538.json) (`2023-07-07T14:15:09.850`)
* [CVE-2023-3539](CVE-2023/CVE-2023-35xx/CVE-2023-3539.json) (`2023-07-07T15:15:10.230`)
* [CVE-2023-3540](CVE-2023/CVE-2023-35xx/CVE-2023-3540.json) (`2023-07-07T15:15:10.317`)
### CVEs modified in the last Commit
Recently modified CVEs: `41`
Recently modified CVEs: `31`
* [CVE-2023-35765](CVE-2023/CVE-2023-357xx/CVE-2023-35765.json) (`2023-07-07T12:50:22.490`)
* [CVE-2023-37192](CVE-2023/CVE-2023-371xx/CVE-2023-37192.json) (`2023-07-07T12:50:22.490`)
* [CVE-2023-35890](CVE-2023/CVE-2023-358xx/CVE-2023-35890.json) (`2023-07-07T12:50:22.490`)
* [CVE-2023-3532](CVE-2023/CVE-2023-35xx/CVE-2023-3532.json) (`2023-07-07T12:50:22.490`)
* [CVE-2023-32183](CVE-2023/CVE-2023-321xx/CVE-2023-32183.json) (`2023-07-07T12:50:22.490`)
* [CVE-2023-33008](CVE-2023/CVE-2023-330xx/CVE-2023-33008.json) (`2023-07-07T12:50:22.490`)
* [CVE-2023-1298](CVE-2023/CVE-2023-12xx/CVE-2023-1298.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-3528](CVE-2023/CVE-2023-35xx/CVE-2023-3528.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-36456](CVE-2023/CVE-2023-364xx/CVE-2023-36456.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-36459](CVE-2023/CVE-2023-364xx/CVE-2023-36459.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-36460](CVE-2023/CVE-2023-364xx/CVE-2023-36460.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-36461](CVE-2023/CVE-2023-364xx/CVE-2023-36461.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-3529](CVE-2023/CVE-2023-35xx/CVE-2023-3529.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-30195](CVE-2023/CVE-2023-301xx/CVE-2023-30195.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-35934](CVE-2023/CVE-2023-359xx/CVE-2023-35934.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-36462](CVE-2023/CVE-2023-364xx/CVE-2023-36462.json) (`2023-07-07T12:50:30.110`)
* [CVE-2023-34924](CVE-2023/CVE-2023-349xx/CVE-2023-34924.json) (`2023-07-07T13:02:56.957`)
* [CVE-2023-32623](CVE-2023/CVE-2023-326xx/CVE-2023-32623.json) (`2023-07-07T13:03:55.460`)
* [CVE-2023-1295](CVE-2023/CVE-2023-12xx/CVE-2023-1295.json) (`2023-07-07T13:04:35.043`)
* [CVE-2023-3138](CVE-2023/CVE-2023-31xx/CVE-2023-3138.json) (`2023-07-07T13:05:46.457`)
* [CVE-2023-20028](CVE-2023/CVE-2023-200xx/CVE-2023-20028.json) (`2023-07-07T13:11:15.587`)
* [CVE-2023-21517](CVE-2023/CVE-2023-215xx/CVE-2023-21517.json) (`2023-07-07T13:12:46.003`)
* [CVE-2023-20105](CVE-2023/CVE-2023-201xx/CVE-2023-20105.json) (`2023-07-07T13:27:23.167`)
* [CVE-2023-20119](CVE-2023/CVE-2023-201xx/CVE-2023-20119.json) (`2023-07-07T13:45:03.890`)
* [CVE-2023-21512](CVE-2023/CVE-2023-215xx/CVE-2023-21512.json) (`2023-07-07T13:55:14.693`)
* [CVE-2023-35866](CVE-2023/CVE-2023-358xx/CVE-2023-35866.json) (`2023-07-07T14:01:33.287`)
* [CVE-2023-28929](CVE-2023/CVE-2023-289xx/CVE-2023-28929.json) (`2023-07-07T14:12:11.360`)
* [CVE-2023-25366](CVE-2023/CVE-2023-253xx/CVE-2023-25366.json) (`2023-07-07T14:14:53.760`)
* [CVE-2023-3243](CVE-2023/CVE-2023-32xx/CVE-2023-3243.json) (`2023-07-07T14:15:09.673`)
* [CVE-2023-26427](CVE-2023/CVE-2023-264xx/CVE-2023-26427.json) (`2023-07-07T14:31:30.563`)
* [CVE-2023-34840](CVE-2023/CVE-2023-348xx/CVE-2023-34840.json) (`2023-07-07T14:37:15.100`)
* [CVE-2023-34197](CVE-2023/CVE-2023-341xx/CVE-2023-34197.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-37308](CVE-2023/CVE-2023-373xx/CVE-2023-37308.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-3535](CVE-2023/CVE-2023-35xx/CVE-2023-3535.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-3536](CVE-2023/CVE-2023-35xx/CVE-2023-3536.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-36474](CVE-2023/CVE-2023-364xx/CVE-2023-36474.json) (`2023-07-07T14:54:51.293`)
* [CVE-2023-32610](CVE-2023/CVE-2023-326xx/CVE-2023-32610.json) (`2023-07-07T14:55:04.910`)
* [CVE-2023-30501](CVE-2023/CVE-2023-305xx/CVE-2023-30501.json) (`2023-07-07T15:15:09.303`)
* [CVE-2023-30502](CVE-2023/CVE-2023-305xx/CVE-2023-30502.json) (`2023-07-07T15:15:09.440`)
* [CVE-2023-30503](CVE-2023/CVE-2023-305xx/CVE-2023-30503.json) (`2023-07-07T15:15:09.537`)
* [CVE-2023-30504](CVE-2023/CVE-2023-305xx/CVE-2023-30504.json) (`2023-07-07T15:15:09.620`)
* [CVE-2023-30505](CVE-2023/CVE-2023-305xx/CVE-2023-30505.json) (`2023-07-07T15:15:09.693`)
* [CVE-2023-30506](CVE-2023/CVE-2023-305xx/CVE-2023-30506.json) (`2023-07-07T15:15:09.777`)
* [CVE-2023-30507](CVE-2023/CVE-2023-305xx/CVE-2023-30507.json) (`2023-07-07T15:15:09.863`)
* [CVE-2023-30508](CVE-2023/CVE-2023-305xx/CVE-2023-30508.json) (`2023-07-07T15:15:09.943`)
* [CVE-2023-30509](CVE-2023/CVE-2023-305xx/CVE-2023-30509.json) (`2023-07-07T15:15:10.013`)
* [CVE-2023-30510](CVE-2023/CVE-2023-305xx/CVE-2023-30510.json) (`2023-07-07T15:15:10.090`)
* [CVE-2023-37378](CVE-2023/CVE-2023-373xx/CVE-2023-37378.json) (`2023-07-07T15:15:10.173`)
* [CVE-2023-35042](CVE-2023/CVE-2023-350xx/CVE-2023-35042.json) (`2023-07-07T15:28:32.747`)
* [CVE-2023-35163](CVE-2023/CVE-2023-351xx/CVE-2023-35163.json) (`2023-07-07T15:49:08.983`)
## Download and Usage