admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-06T20:00:34.265320+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-06 20:00:37 +00:00
parent feeb72025b
commit 143a0d3b31
127 changed files with 4446 additions and 576 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
CVE-2015/CVE-2015-13xx/CVE-2015-1313.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2015-1313",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.190",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:25:35.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-425"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndExcluding": "9.0.2",
"matchCriteriaId": "B478C03E-46A7-4343-A8AF-D0C01637C0CD"
}
]
}
]
}
],
"references": [
{
"url": "https://beyondbinary.io/articles/teamcity-account-creation/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.jetbrains.com/teamcity/download/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

12
CVE-2020/CVE-2020-143xx/CVE-2020-14343.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-14343",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-02-09T21:15:12.707",
"lastModified": "2022-12-06T21:45:32.807",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T18:15:10.193",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -133,6 +133,14 @@
"Third Party Advisory"
]
},
{
"url": "https://github.com/SeldonIO/seldon-core/issues/2252",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/yaml/pyyaml/issues/420",
"source": "secalert@redhat.com"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"source": "secalert@redhat.com",

8
CVE-2020/CVE-2020-355xx/CVE-2020-35525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-35525",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-09-01T18:15:08.540",
"lastModified": "2022-09-07T17:47:48.640",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:09.633",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -78,6 +78,10 @@
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0007/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.sqlite.org/src/info/a67cf5b7d37d5b14",
"source": "secalert@redhat.com",

8
CVE-2020/CVE-2020-367xx/CVE-2020-36732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36732",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-12T02:15:48.347",
"lastModified": "2023-06-16T19:42:38.180",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:09.743",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -96,6 +96,10 @@
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0003/",
"source": "cve@mitre.org"
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-CRYPTOJS-548472",
"source": "cve@mitre.org",

40
CVE-2022/CVE-2022-232xx/CVE-2022-23264.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23264",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-29T05:15:13.283",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:35:10.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -38,10 +38,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "98.0.1108.50",
"matchCriteriaId": "457D4728-B15B-4F84-8BE6-6684EC20EBAA"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23264",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

10
CVE-2022/CVE-2022-35xx/CVE-2022-3515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3515",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-01-12T15:15:10.187",
"lastModified": "2023-05-18T18:08:04.067",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:09.857",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -149,6 +149,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0008/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html",
"source": "secalert@redhat.com",

64
CVE-2022/CVE-2022-464xx/CVE-2022-46408.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2022-46408",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.357",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T19:22:32.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ericsson:network_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.1",
"matchCriteriaId": "80551B10-FC4B-43DA-8472-44053F8881D0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

515
CVE-2023/CVE-2023-11xx/CVE-2023-1150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1150",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-06-26T07:15:08.877",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:58:33.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,519 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-363\\/040-000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "9A35B342-9D43-4D79-A350-0881F77E85F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-363\\/040-000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2ACE30-6FC4-4AAE-8EEF-D8F3C3CE814F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-362\\/040-000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "B010D10D-608D-499F-B5E7-5D768EA95242"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-362\\/040-000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "05A3A21A-1E9D-458E-9385-93DD645AA04B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-362\\/000-001_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "1FAC91DD-6F37-441C-BA36-AD969ABAD4C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-362\\/000-001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18F9CAA7-5ED8-4ACE-BBF9-0453C1BABDA4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-891_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "5778A709-DBFB-450A-B333-A58F69461A00"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-891:-:*:*:*:*:*:*:*",
"matchCriteriaId": "22BAABD9-A10D-4904-AA02-C37C4490B47A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-365\\/040-010_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "2CAED5DA-800C-4442-BC88-3AC82180F1AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-365\\/040-010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3B754A9-F107-4336-8B80-D74B4EC0A606"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-364\\/040-010_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "87F9FA7F-D1B8-4C5E-9981-067A2D66E015"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-364\\/040-010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2DD0E12-B916-4D5D-8407-D642A2B79998"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-362_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "496AE8E5-8E5A-4D93-9D1E-F558AC67B292"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-362:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6330A839-FAE3-43EB-B1AA-BA6844D9906D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-363_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "7FCCCC46-B213-4EC8-B8DF-BE7774C7731E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-363:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54E13E9C-226E-4BD6-8F0C-3061092E892A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-823_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "00E7270D-BA8B-482E-B15B-5F92F8646CB8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-823:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB88572A-CB05-4B52-8BFC-05EFDC819244"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-832_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "324FC413-AC5B-41A7-891A-F1A804F8C25E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-832:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13D1FA8D-C8BA-4D1C-8372-DECD40177631"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-832\\/000-002_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "291B13B5-3895-4F06-9CB9-C81BBE4961C2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-832\\/000-002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0F21D094-AE7C-4501-83F1-0884CB549F3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-862_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "CE4410A1-EF14-47A1-91BB-30AD9340E38C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-862:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA04FBFB-9E1C-4618-9FDC-70675506D8D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-890_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "A7519056-04A3-4E7A-AF71-BF459E0E6141"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-890:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11751A8B-FCFD-433B-9065-B4FC85168A93"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-890\\/025-000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "F67429CE-3C16-4EB8-8373-F963947FCB17"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-890\\/025-000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA0B4137-C73C-47D0-8489-CA0EF41ED9A9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-890\\/025-001_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "D88C6F15-0379-47C4-ADB4-9CB7661AD044"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-890\\/025-001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC2C91AA-9BD8-4856-B9AB-8E6CEAF8C8EC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-890\\/025-002_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "B2C70D5A-7780-40B4-B3A9-79964324E32C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-890\\/025-002:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21EB6B55-D27F-4939-832A-A391F6A3E89A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-890\\/040-000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "26E6806C-0EEF-4772-A64D-1C2124518991"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-890\\/040-000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7862FE67-A0D9-4E4D-B7BD-EB70CF0260A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wago:750-893_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fw11",
"matchCriteriaId": "94C15A80-4AB7-46A8-8ADC-A57A07F4CFA4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wago:750-893:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4795D0-B90B-4643-8713-88D89172D1A5"
}
]
}
]
}
],
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-005/",
"source": "info@cert.vde.com"
"source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-12xx/CVE-2023-1298.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-1298",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-07-06T18:15:10.497",
"lastModified": "2023-07-06T18:15:10.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1310230",
"source": "psirt@servicenow.com"
}
]
}

60
CVE-2023/CVE-2023-201xx/CVE-2023-20199.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20199",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:10.070",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:00:47.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:duo:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.0.2",
"matchCriteriaId": "656CE362-218A-43E6-902E-4D8F9262E527"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-mac-bypass-OyZpVPnx",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-21xx/CVE-2023-2183.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2183",
"sourceIdentifier": "security@grafana.com",
"published": "2023-06-06T19:15:11.277",
"lastModified": "2023-06-13T16:30:57.630",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.047",
"vulnStatus": "Modified",
"evaluatorComment": "Impact ",
"descriptions": [
{
@ -139,6 +139,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0002/",
"source": "security@grafana.com"
}
]
}

6
CVE-2023/CVE-2023-222xx/CVE-2023-22299.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22299",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:10.713",
"lastModified": "2023-07-06T17:15:10.137",
"lastModified": "2023-07-06T18:15:10.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1712",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1712",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-226xx/CVE-2023-22653.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22653",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:11.130",
"lastModified": "2023-07-06T17:15:10.227",
"lastModified": "2023-07-06T18:15:10.807",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1714",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1714",
"source": "talos-cna@cisco.com"
}
]
}

53
CVE-2023/CVE-2023-228xx/CVE-2023-22886.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-22886",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-29T10:15:09.650",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T19:32:59.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider.\nAirflow JDBC Provider Connection\u2019s [Connection URL] parameters had no\nrestrictions, which made it possible to implement RCE attacks via\ndifferent type JDBC drivers, obtain airflow server permission.\nThis issue affects Apache Airflow JDBC Provider: before 4.0.0.\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:apache-airflow-providers-jdbc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0",
"matchCriteriaId": "6885B26B-9F5D-4A92-AE70-3FAF28767E64"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/ynbjwp4n0vzql0xzhog1gkp1ovncf8j3",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-240xx/CVE-2023-24018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24018",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:11.797",
"lastModified": "2023-07-06T17:15:10.300",
"lastModified": "2023-07-06T18:15:10.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1715",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1715",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-245xx/CVE-2023-24519.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24519",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.107",
"lastModified": "2023-07-06T17:15:10.373",
"lastModified": "2023-07-06T18:15:11.043",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-245xx/CVE-2023-24520.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24520",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.180",
"lastModified": "2023-07-06T17:15:10.453",
"lastModified": "2023-07-06T18:15:11.187",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1706",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-245xx/CVE-2023-24595.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24595",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.397",
"lastModified": "2023-07-06T17:15:10.523",
"lastModified": "2023-07-06T18:15:11.330",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1713",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1713",
"source": "talos-cna@cisco.com"
}
]
}

8
CVE-2023/CVE-2023-24xx/CVE-2023-2454.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2454",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-09T19:15:09.253",
"lastModified": "2023-06-16T18:00:48.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.143",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -151,6 +151,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0006/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.postgresql.org/support/security/CVE-2023-2454/",
"source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-24xx/CVE-2023-2455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2455",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-09T19:15:09.313",
"lastModified": "2023-06-16T16:24:08.217",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.233",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -151,6 +151,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0006/",
"source": "secalert@redhat.com"
},
{
"url": "https://www.postgresql.org/support/security/CVE-2023-2455/",
"source": "secalert@redhat.com",

6
CVE-2023/CVE-2023-250xx/CVE-2023-25081.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25081",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.470",
"lastModified": "2023-07-06T17:15:10.603",
"lastModified": "2023-07-06T18:15:11.473",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25082.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25082",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.540",
"lastModified": "2023-07-06T17:15:10.680",
"lastModified": "2023-07-06T18:15:11.617",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25083.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25083",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.610",
"lastModified": "2023-07-06T17:15:10.777",
"lastModified": "2023-07-06T18:15:11.760",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25084.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25084",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.680",
"lastModified": "2023-07-06T17:15:10.870",
"lastModified": "2023-07-06T18:15:11.897",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25085.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25085",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.757",
"lastModified": "2023-07-06T17:15:10.963",
"lastModified": "2023-07-06T18:15:12.040",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25086.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25086",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.827",
"lastModified": "2023-07-06T17:15:11.057",
"lastModified": "2023-07-06T18:15:12.167",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25087.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25087",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.897",
"lastModified": "2023-07-06T17:15:11.137",
"lastModified": "2023-07-06T18:15:12.323",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25088.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25088",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:12.967",
"lastModified": "2023-07-06T17:15:11.227",
"lastModified": "2023-07-06T18:15:12.467",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25089.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25089",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.043",
"lastModified": "2023-07-06T17:15:11.307",
"lastModified": "2023-07-06T18:15:12.590",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25090.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25090",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.117",
"lastModified": "2023-07-06T17:15:11.400",
"lastModified": "2023-07-06T18:15:12.753",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25091.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25091",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.187",
"lastModified": "2023-07-06T17:15:11.473",
"lastModified": "2023-07-06T18:15:12.893",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25092.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25092",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.257",
"lastModified": "2023-07-06T17:15:11.540",
"lastModified": "2023-07-06T18:15:13.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25093.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25093",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.333",
"lastModified": "2023-07-06T17:15:11.610",
"lastModified": "2023-07-06T18:15:13.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25094.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25094",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.423",
"lastModified": "2023-07-06T17:15:11.683",
"lastModified": "2023-07-06T18:15:13.327",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25095",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.493",
"lastModified": "2023-07-06T17:15:11.750",
"lastModified": "2023-07-06T18:15:13.463",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25096.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25096",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.563",
"lastModified": "2023-07-06T17:15:11.820",
"lastModified": "2023-07-06T18:15:13.603",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25097.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25097",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.637",
"lastModified": "2023-07-06T17:15:11.887",
"lastModified": "2023-07-06T18:15:13.747",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25098.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25098",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.707",
"lastModified": "2023-07-06T17:15:11.957",
"lastModified": "2023-07-06T18:15:13.893",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-250xx/CVE-2023-25099.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25099",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.783",
"lastModified": "2023-07-06T17:15:12.023",
"lastModified": "2023-07-06T18:15:14.030",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25100.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25100",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.857",
"lastModified": "2023-07-06T17:15:12.093",
"lastModified": "2023-07-06T18:15:14.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25101.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25101",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.923",
"lastModified": "2023-07-06T17:15:12.210",
"lastModified": "2023-07-06T18:15:14.303",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25102.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25102",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:13.993",
"lastModified": "2023-07-06T17:15:12.283",
"lastModified": "2023-07-06T18:15:14.400",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25103.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25103",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.060",
"lastModified": "2023-07-06T17:15:12.357",
"lastModified": "2023-07-06T18:15:14.543",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25104.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25104",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.127",
"lastModified": "2023-07-06T17:15:12.427",
"lastModified": "2023-07-06T18:15:14.663",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25105.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25105",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.197",
"lastModified": "2023-07-06T17:15:12.500",
"lastModified": "2023-07-06T18:15:14.827",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25106.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25106",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.267",
"lastModified": "2023-07-06T17:15:12.573",
"lastModified": "2023-07-06T18:15:14.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25107.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25107",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.340",
"lastModified": "2023-07-06T17:15:12.650",
"lastModified": "2023-07-06T18:15:15.110",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25108.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25108",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.407",
"lastModified": "2023-07-06T17:15:12.727",
"lastModified": "2023-07-06T18:15:15.250",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25109.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25109",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.473",
"lastModified": "2023-07-06T17:15:12.797",
"lastModified": "2023-07-06T18:15:15.390",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25110.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25110",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.543",
"lastModified": "2023-07-06T17:15:12.870",
"lastModified": "2023-07-06T18:15:15.533",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25111.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25111",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.613",
"lastModified": "2023-07-06T17:15:12.943",
"lastModified": "2023-07-06T18:15:15.677",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25112.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25112",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.680",
"lastModified": "2023-07-06T17:15:13.017",
"lastModified": "2023-07-06T18:15:15.817",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25113.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25113",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.747",
"lastModified": "2023-07-06T17:15:13.087",
"lastModified": "2023-07-06T18:15:15.957",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25114.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25114",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.817",
"lastModified": "2023-07-06T17:15:13.157",
"lastModified": "2023-07-06T18:15:16.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25115.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25115",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.887",
"lastModified": "2023-07-06T17:15:13.227",
"lastModified": "2023-07-06T18:15:16.243",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25116.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25116",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:14.957",
"lastModified": "2023-07-06T17:15:13.300",
"lastModified": "2023-07-06T18:15:16.383",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25117.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25117",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.023",
"lastModified": "2023-07-06T17:15:13.370",
"lastModified": "2023-07-06T18:15:16.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25118.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25118",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.097",
"lastModified": "2023-07-06T17:15:13.440",
"lastModified": "2023-07-06T18:15:16.667",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25119.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25119",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.163",
"lastModified": "2023-07-06T17:15:13.513",
"lastModified": "2023-07-06T18:15:16.807",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25120.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25120",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.233",
"lastModified": "2023-07-06T17:15:13.587",
"lastModified": "2023-07-06T18:15:16.950",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25121.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25121",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.307",
"lastModified": "2023-07-06T17:15:13.657",
"lastModified": "2023-07-06T18:15:17.093",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25122.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25122",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.377",
"lastModified": "2023-07-06T17:15:13.730",
"lastModified": "2023-07-06T18:15:17.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25123.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25123",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.447",
"lastModified": "2023-07-06T17:15:13.807",
"lastModified": "2023-07-06T18:15:17.377",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-251xx/CVE-2023-25124.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25124",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.513",
"lastModified": "2023-07-06T17:15:13.880",
"lastModified": "2023-07-06T18:15:17.520",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716",
"source": "talos-cna@cisco.com"
}
]
}

70
CVE-2023/CVE-2023-254xx/CVE-2023-25433.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-25433",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T20:15:09.830",
"lastModified": "2023-06-29T23:57:54.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:44:10.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libtiff:libtiff:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5A5F7CB4-EB47-441F-AC8A-ACF688CA702D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/520",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/467",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

6
CVE-2023/CVE-2023-255xx/CVE-2023-25582.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25582",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.587",
"lastModified": "2023-07-06T17:15:13.953",
"lastModified": "2023-07-06T18:15:17.643",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1723",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1723",
"source": "talos-cna@cisco.com"
}
]
}

6
CVE-2023/CVE-2023-255xx/CVE-2023-25583.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-25583",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-06T15:15:15.653",
"lastModified": "2023-07-06T17:15:14.030",
"lastModified": "2023-07-06T18:15:17.743",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -50,10 +50,6 @@
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1723",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1723",
"source": "talos-cna@cisco.com"
}
]
}

84
CVE-2023/CVE-2023-264xx/CVE-2023-26434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26434",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.487",
"lastModified": "2023-06-22T15:15:11.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T19:55:47.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@open-xchange.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@open-xchange.com",
"type": "Secondary",
@ -46,22 +76,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10.6",
"matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*",
"matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
]
}
]
}

84
CVE-2023/CVE-2023-264xx/CVE-2023-26436.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26436",
"sourceIdentifier": "security@open-xchange.com",
"published": "2023-06-20T08:15:09.607",
"lastModified": "2023-06-22T15:15:11.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:29:42.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@open-xchange.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "security@open-xchange.com",
"type": "Secondary",
@ -46,22 +76,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10.6",
"matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*",
"matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/8",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf",
"source": "security@open-xchange.com"
"source": "security@open-xchange.com",
"tags": [
"Release Notes"
]
}
]
}

81
CVE-2023/CVE-2023-266xx/CVE-2023-26612.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-26612",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T16:15:09.507",
"lastModified": "2023-06-29T18:16:42.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:46:14.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*",
"matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-266xx/CVE-2023-26613.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-26613",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T16:15:09.580",
"lastModified": "2023-07-06T17:15:14.107",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-06T18:46:03.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*",
"matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/excu_shell",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-266xx/CVE-2023-26616.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-26616",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T16:15:09.627",
"lastModified": "2023-06-29T18:16:42.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:45:49.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*",
"matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-269xx/CVE-2023-26965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26965",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.483",
"lastModified": "2023-06-28T18:31:25.697",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:09.980",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -73,6 +73,10 @@
"Issue Tracking",
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0009/",
"source": "cve@mitre.org"
}
]
}

70
CVE-2023/CVE-2023-269xx/CVE-2023-26966.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-26966",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T20:15:09.873",
"lastModified": "2023-06-29T23:57:54.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:43:56.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libtiff:libtiff:4.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "5A5F7CB4-EB47-441F-AC8A-ACF688CA702D"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/530",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/473",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

70
CVE-2023/CVE-2023-278xx/CVE-2023-27866.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27866",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-28T16:15:19.717",
"lastModified": "2023-06-28T19:27:43.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:09:06.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:informix_jdbc_driver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50.0",
"versionEndExcluding": "4.50.10",
"matchCriteriaId": "490B31CB-F608-4749-87E3-EC0A10A0EC55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:informix_jdbc_driver:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F5DCCC99-8EDE-4449-BC94-1E119CA75E5F"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249511",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7007615",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-27xx/CVE-2023-2700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2700",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-15T22:15:12.207",
"lastModified": "2023-05-25T17:14:48.953",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.307",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -110,6 +110,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0001/",
"source": "secalert@redhat.com"
}
]
}

77
CVE-2023/CVE-2023-288xx/CVE-2023-28857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28857",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-27T18:15:13.120",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:11:38.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.5.0",
"versionEndExcluding": "6.5.9.1",
"matchCriteriaId": "32BB7127-CBDB-4413-9C86-C339477005B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0",
"versionEndExcluding": "6.6.6",
"matchCriteriaId": "BB6E83E9-DBE8-4327-B899-A2CD4EF8B739"
}
]
}
]
}
],
"references": [
{
"url": "https://apereo.github.io/2023/02/20/x509-vuln/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/apereo/cas/releases/tag/v6.6.6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://securitylab.github.com/advisories/GHSL-2023-009_Apereo_CAS/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-28xx/CVE-2023-2801.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2801",
"sourceIdentifier": "security@grafana.com",
"published": "2023-06-06T19:15:11.413",
"lastModified": "2023-06-13T16:33:49.213",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.383",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -109,6 +109,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0002/",
"source": "security@grafana.com"
}
]
}

71
CVE-2023/CVE-2023-28xx/CVE-2023-2834.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2834",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-30T02:15:08.820",
"lastModified": "2023-06-30T12:59:58.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T19:03:08.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,34 +56,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stylemixthemes:bookit:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3.7",
"matchCriteriaId": "7DAC7E3B-C96C-4416-B17C-0A663BE769F6"
}
]
}
]
}
],
"references": [
{
"url": "https://lana.codes/lanavdb/0dea1346-fd60-4338-8af6-6f89c29075d4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/CustomerController.php#L27",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/database/Customers.php#L63",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2919529/bookit",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2925153/bookit",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/blog/2023/06/stylemixthemes-addresses-authentication-bypass-vulnerability-in-bookit-wordpress-plugin/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cfd32e46-a4fc-4c10-b546-9f9da75db791?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-30xx/CVE-2023-3034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3034",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-28T09:15:09.677",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:04:10.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "vulnerability@ncsc.ch",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "vulnerability@ncsc.ch",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bund:bkg_professional_ntripcaster:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.44",
"matchCriteriaId": "9DE07143-C27B-4D13-8554-AD6B27DA5E72"
}
]
}
]
}
],
"references": [
{
"url": "https://igs.bkg.bund.de/ntrip/bkgcaster",
"source": "vulnerability@ncsc.ch"
"source": "vulnerability@ncsc.ch",
"tags": [
"Product"
]
},
{
"url": "https://igs.bkg.bund.de/root_ftp/NTRIP/software/NTRIPCASTER_CHANGELOG",
"source": "vulnerability@ncsc.ch"
"source": "vulnerability@ncsc.ch",
"tags": [
"Release Notes"
]
}
]
}

32
CVE-2023/CVE-2023-30xx/CVE-2023-3063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3063",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-30T02:15:09.457",
"lastModified": "2023-06-30T12:59:54.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:57:21.283",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smartypantsplugins:sp_project_\\&_document_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.67",
"matchCriteriaId": "F903DBFE-156F-4E2C-9D68-64C1505CA6D1"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/sp-client-document-manager/trunk/classes/ajax.php#L149",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc2e720-85d9-42d9-94ef-eb172425993d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-31xx/CVE-2023-3141.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3141",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-09T20:15:10.327",
"lastModified": "2023-06-19T15:15:10.487",
"lastModified": "2023-07-06T19:15:10.957",
"vulnStatus": "Modified",
"descriptions": [
{
@ -91,6 +91,10 @@
"Mailing List",
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0004/",
"source": "secalert@redhat.com"
}
]
}

32
CVE-2023/CVE-2023-32xx/CVE-2023-3249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3249",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-30T02:15:09.543",
"lastModified": "2023-06-30T12:59:54.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:57:05.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:miniorange:web3_-_crypto_wallet_login_\\&_nft_token_gating:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.6.0",
"matchCriteriaId": "2BF385CF-2595-4720-ADBD-7E2D45E7F7F9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/web3-authentication/tags/2.6.0/classes/common/Web3/controller/class-moweb3flowhandler.php#L198",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e30b62de-7280-4c29-b882-dfa83e65966b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-334xx/CVE-2023-33466.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-33466",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.483",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:24:34.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution (RCE)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:orthanc-server:orthanc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12.0",
"matchCriteriaId": "021ECF00-D12D-4633-8A33-D5E8AAD4C012"
}
]
}
]
}
],
"references": [
{
"url": "https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-341xx/CVE-2023-34149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34149",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.450",
"lastModified": "2023-06-21T21:06:26.343",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.460",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -105,6 +105,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0005/",
"source": "security@apache.org"
}
]
}

8
CVE-2023/CVE-2023-343xx/CVE-2023-34396.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34396",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.520",
"lastModified": "2023-06-21T21:06:39.670",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-06T19:15:10.557",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -105,6 +105,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230706-0005/",
"source": "security@apache.org"
}
]
}

57
CVE-2023/CVE-2023-344xx/CVE-2023-34420.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34420",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-06-26T20:15:10.247",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:19:25.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0",
"matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-98715",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-344xx/CVE-2023-34421.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34421",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-06-26T20:15:10.307",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:17:47.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0",
"matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-98715",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-344xx/CVE-2023-34422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34422",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-06-26T20:15:10.370",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:17:32.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.0",
"matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-98715",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-344xx/CVE-2023-34486.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34486",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T14:15:09.633",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:32:22.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote code execution can be achieved by entering malicious code in the date selection box."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_hotel_management_system_project:online_hotel_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF27C59F-0C18-4B30-80D9-E4A39C678517"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/JunyanYip/itsourcecode_justines_xss_vul",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-344xx/CVE-2023-34487.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34487",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T14:15:09.693",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:31:09.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password input box. This vulnerability can be exploited through time-based blind injection."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_hotel_management_system_project:online_hotel_management_system:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DF27C59F-0C18-4B30-80D9-E4A39C678517"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/JunyanYip/itsourcecode_justines_sql_vul",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-345xx/CVE-2023-34598.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34598",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.530",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T19:38:44.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:*",
"matchCriteriaId": "77ED9C21-CA3A-4415-B42A-5DAFB9DAF190"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/maddsec/CVE-2023-34598",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-345xx/CVE-2023-34599.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34599",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.570",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T19:05:10.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:*",
"matchCriteriaId": "77ED9C21-CA3A-4415-B42A-5DAFB9DAF190"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/maddsec/CVE-2023-34599",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34656.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34656",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.613",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:23:34.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video management system 3.1 thru 4.1 allows attackers to gain escalated privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:video_management_system_project:video_management_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1",
"versionEndIncluding": "4.1",
"matchCriteriaId": "D0A7C60B-FB76-4B6E-BFAC-B88BDA0CF937"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kangjinlong1/Kang.github.io/blob/main/README.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-347xx/CVE-2023-34734.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-34734",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.470",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:47:07.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Annet AC Centralized Management Platform 1.02.040 is vulnerable to Stored Cross-Site Scripting (XSS) ."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:secnet:annet_ac_centralized_management_platform:1.02.040:*:*:*:*:*:*:*",
"matchCriteriaId": "64E7A674-D53A-4C10-8CAC-1F5686DEC62F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/prismbreak/vulnerabilities/issues/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-347xx/CVE-2023-34735.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-34735",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T14:15:09.740",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:30:56.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Property Cloud Platform Management Center 1.0 is vulnerable to error-based SQL injection."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:property_cloud_platform_management_center_project:property_cloud_platform_management_center:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F7FCF0-DB2A-4339-97FD-015255D30B09"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/prismbreak/vulnerabilities/issues/4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-348xx/CVE-2023-34831.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-34831",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T03:15:09.517",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:52:42.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The \"Submission Web Form\" of Turnitin LTI tool/plugin version 1.3 is affected by HTML Injection attacks. The security issue affects the submission web form (\"id\" and \"title\" HTTP POST parameters) where the students submit their reports for similarity/plagiarism checks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:odysseycs:ithacalabs_turnitin_lti:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EE2FAFEE-A58B-4E11-AFD7-435FDDDF6D76"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_Submission_Web_Form/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

65
CVE-2023/CVE-2023-348xx/CVE-2023-34849.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-34849",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.697",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:46:25.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ikuai8:ikuaios:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.7.1",
"matchCriteriaId": "2C2644EF-5536-45E1-BE12-0E80614A4692"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cczzmm/IOT-POC/tree/main/Ikuai",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-34xx/CVE-2023-3457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3457",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-29T14:15:09.807",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:30:31.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/qwegz/CveList/blob/main/Shopping%20Website%20(E-Commerce)%20%20index.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.232674",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.232674",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2023/CVE-2023-34xx/CVE-2023-3458.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3458",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-29T14:15:09.887",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-06T18:29:44.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/AD-Appledog/CveHubList/blob/main/Shopping%20Website%20(E-Commerce)%20forgot-password.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.232675",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.232675",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More