From 143a0d3b3115376cebbb4f2c928c7bda6c05eece Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 6 Jul 2023 20:00:37 +0000 Subject: [PATCH] Auto-Update: 2023-07-06T20:00:34.265320+00:00 --- CVE-2015/CVE-2015-13xx/CVE-2015-1313.json | 71 ++- CVE-2020/CVE-2020-143xx/CVE-2020-14343.json | 12 +- CVE-2020/CVE-2020-355xx/CVE-2020-35525.json | 8 +- CVE-2020/CVE-2020-367xx/CVE-2020-36732.json | 8 +- CVE-2022/CVE-2022-232xx/CVE-2022-23264.json | 40 +- CVE-2022/CVE-2022-35xx/CVE-2022-3515.json | 10 +- CVE-2022/CVE-2022-464xx/CVE-2022-46408.json | 64 ++- CVE-2023/CVE-2023-11xx/CVE-2023-1150.json | 515 +++++++++++++++++++- CVE-2023/CVE-2023-12xx/CVE-2023-1298.json | 55 +++ CVE-2023/CVE-2023-201xx/CVE-2023-20199.json | 60 ++- CVE-2023/CVE-2023-21xx/CVE-2023-2183.json | 8 +- CVE-2023/CVE-2023-222xx/CVE-2023-22299.json | 6 +- CVE-2023/CVE-2023-226xx/CVE-2023-22653.json | 6 +- CVE-2023/CVE-2023-228xx/CVE-2023-22886.json | 53 +- CVE-2023/CVE-2023-240xx/CVE-2023-24018.json | 6 +- CVE-2023/CVE-2023-245xx/CVE-2023-24519.json | 6 +- CVE-2023/CVE-2023-245xx/CVE-2023-24520.json | 6 +- CVE-2023/CVE-2023-245xx/CVE-2023-24595.json | 6 +- CVE-2023/CVE-2023-24xx/CVE-2023-2454.json | 8 +- CVE-2023/CVE-2023-24xx/CVE-2023-2455.json | 8 +- CVE-2023/CVE-2023-250xx/CVE-2023-25081.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25082.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25083.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25084.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25085.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25086.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25087.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25088.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25089.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25090.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25091.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25092.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25093.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25094.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25095.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25096.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25097.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25098.json | 6 +- CVE-2023/CVE-2023-250xx/CVE-2023-25099.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25100.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25101.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25102.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25103.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25104.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25105.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25106.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25107.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25108.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25109.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25110.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25111.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25112.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25113.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25114.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25115.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25116.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25117.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25118.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25119.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25120.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25121.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25122.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25123.json | 6 +- CVE-2023/CVE-2023-251xx/CVE-2023-25124.json | 6 +- CVE-2023/CVE-2023-254xx/CVE-2023-25433.json | 70 ++- CVE-2023/CVE-2023-255xx/CVE-2023-25582.json | 6 +- CVE-2023/CVE-2023-255xx/CVE-2023-25583.json | 6 +- CVE-2023/CVE-2023-264xx/CVE-2023-26434.json | 84 +++- CVE-2023/CVE-2023-264xx/CVE-2023-26436.json | 84 +++- CVE-2023/CVE-2023-266xx/CVE-2023-26612.json | 81 ++- CVE-2023/CVE-2023-266xx/CVE-2023-26613.json | 81 ++- CVE-2023/CVE-2023-266xx/CVE-2023-26616.json | 81 ++- CVE-2023/CVE-2023-269xx/CVE-2023-26965.json | 8 +- CVE-2023/CVE-2023-269xx/CVE-2023-26966.json | 70 ++- CVE-2023/CVE-2023-278xx/CVE-2023-27866.json | 70 ++- CVE-2023/CVE-2023-27xx/CVE-2023-2700.json | 8 +- CVE-2023/CVE-2023-288xx/CVE-2023-28857.json | 77 ++- CVE-2023/CVE-2023-28xx/CVE-2023-2801.json | 8 +- CVE-2023/CVE-2023-28xx/CVE-2023-2834.json | 71 ++- CVE-2023/CVE-2023-30xx/CVE-2023-3034.json | 62 ++- CVE-2023/CVE-2023-30xx/CVE-2023-3063.json | 32 +- CVE-2023/CVE-2023-31xx/CVE-2023-3141.json | 6 +- CVE-2023/CVE-2023-32xx/CVE-2023-3249.json | 32 +- CVE-2023/CVE-2023-334xx/CVE-2023-33466.json | 65 ++- CVE-2023/CVE-2023-341xx/CVE-2023-34149.json | 8 +- CVE-2023/CVE-2023-343xx/CVE-2023-34396.json | 8 +- CVE-2023/CVE-2023-344xx/CVE-2023-34420.json | 57 ++- CVE-2023/CVE-2023-344xx/CVE-2023-34421.json | 57 ++- CVE-2023/CVE-2023-344xx/CVE-2023-34422.json | 57 ++- CVE-2023/CVE-2023-344xx/CVE-2023-34486.json | 64 ++- CVE-2023/CVE-2023-344xx/CVE-2023-34487.json | 64 ++- CVE-2023/CVE-2023-345xx/CVE-2023-34598.json | 64 ++- CVE-2023/CVE-2023-345xx/CVE-2023-34599.json | 64 ++- CVE-2023/CVE-2023-346xx/CVE-2023-34656.json | 66 ++- CVE-2023/CVE-2023-347xx/CVE-2023-34734.json | 65 ++- CVE-2023/CVE-2023-347xx/CVE-2023-34735.json | 65 ++- CVE-2023/CVE-2023-348xx/CVE-2023-34831.json | 69 ++- CVE-2023/CVE-2023-348xx/CVE-2023-34849.json | 65 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3457.json | 62 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3458.json | 62 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3469.json | 66 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3473.json | 62 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3474.json | 56 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3475.json | 68 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3476.json | 56 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3477.json | 56 ++- CVE-2023/CVE-2023-34xx/CVE-2023-3479.json | 56 ++- CVE-2023/CVE-2023-351xx/CVE-2023-35169.json | 68 ++- CVE-2023/CVE-2023-359xx/CVE-2023-35930.json | 69 ++- CVE-2023/CVE-2023-359xx/CVE-2023-35933.json | 68 ++- CVE-2023/CVE-2023-35xx/CVE-2023-3528.json | 84 ++++ CVE-2023/CVE-2023-35xx/CVE-2023-3529.json | 84 ++++ CVE-2023/CVE-2023-364xx/CVE-2023-36456.json | 71 +++ CVE-2023/CVE-2023-364xx/CVE-2023-36459.json | 71 +++ CVE-2023/CVE-2023-364xx/CVE-2023-36460.json | 71 +++ CVE-2023/CVE-2023-364xx/CVE-2023-36461.json | 71 +++ CVE-2023/CVE-2023-364xx/CVE-2023-36487.json | 77 ++- CVE-2023/CVE-2023-366xx/CVE-2023-36617.json | 72 ++- CVE-2023/CVE-2023-366xx/CVE-2023-36661.json | 89 +++- CVE-2023/CVE-2023-366xx/CVE-2023-36664.json | 102 +++- CVE-2023/CVE-2023-372xx/CVE-2023-37251.json | 64 ++- CVE-2023/CVE-2023-372xx/CVE-2023-37254.json | 65 ++- CVE-2023/CVE-2023-372xx/CVE-2023-37255.json | 65 ++- CVE-2023/CVE-2023-372xx/CVE-2023-37256.json | 65 ++- CVE-2023/CVE-2023-372xx/CVE-2023-37298.json | 74 ++- CVE-2023/CVE-2023-372xx/CVE-2023-37299.json | 74 ++- README.md | 79 ++- 127 files changed, 4446 insertions(+), 576 deletions(-) create mode 100644 CVE-2023/CVE-2023-12xx/CVE-2023-1298.json create mode 100644 CVE-2023/CVE-2023-35xx/CVE-2023-3528.json create mode 100644 CVE-2023/CVE-2023-35xx/CVE-2023-3529.json create mode 100644 CVE-2023/CVE-2023-364xx/CVE-2023-36456.json create mode 100644 CVE-2023/CVE-2023-364xx/CVE-2023-36459.json create mode 100644 CVE-2023/CVE-2023-364xx/CVE-2023-36460.json create mode 100644 CVE-2023/CVE-2023-364xx/CVE-2023-36461.json diff --git a/CVE-2015/CVE-2015-13xx/CVE-2015-1313.json b/CVE-2015/CVE-2015-13xx/CVE-2015-1313.json index 8b95be2941c..c66a09636e9 100644 --- a/CVE-2015/CVE-2015-13xx/CVE-2015-1313.json +++ b/CVE-2015/CVE-2015-13xx/CVE-2015-1313.json @@ -2,23 +2,84 @@ "id": "CVE-2015-1313", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T15:15:09.190", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:25:35.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "JetBrains TeamCity 8 and 9 before 9.0.2 allows bypass of account-creation restrictions via a crafted request because the required request data can be deduced by reading HTML and JavaScript files that are returned to the web browser after an initial unauthenticated request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-425" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0", + "versionEndExcluding": "9.0.2", + "matchCriteriaId": "B478C03E-46A7-4343-A8AF-D0C01637C0CD" + } + ] + } + ] + } + ], "references": [ { "url": "https://beyondbinary.io/articles/teamcity-account-creation/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.jetbrains.com/teamcity/download/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-143xx/CVE-2020-14343.json b/CVE-2020/CVE-2020-143xx/CVE-2020-14343.json index f097d6bb2fd..1bf3f6fd27c 100644 --- a/CVE-2020/CVE-2020-143xx/CVE-2020-14343.json +++ b/CVE-2020/CVE-2020-143xx/CVE-2020-14343.json @@ -2,8 +2,8 @@ "id": "CVE-2020-14343", "sourceIdentifier": "secalert@redhat.com", "published": "2021-02-09T21:15:12.707", - "lastModified": "2022-12-06T21:45:32.807", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T18:15:10.193", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -133,6 +133,14 @@ "Third Party Advisory" ] }, + { + "url": "https://github.com/SeldonIO/seldon-core/issues/2252", + "source": "secalert@redhat.com" + }, + { + "url": "https://github.com/yaml/pyyaml/issues/420", + "source": "secalert@redhat.com" + }, { "url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "source": "secalert@redhat.com", diff --git a/CVE-2020/CVE-2020-355xx/CVE-2020-35525.json b/CVE-2020/CVE-2020-355xx/CVE-2020-35525.json index 7a0653d266e..02bf0028f68 100644 --- a/CVE-2020/CVE-2020-355xx/CVE-2020-35525.json +++ b/CVE-2020/CVE-2020-355xx/CVE-2020-35525.json @@ -2,8 +2,8 @@ "id": "CVE-2020-35525", "sourceIdentifier": "secalert@redhat.com", "published": "2022-09-01T18:15:08.540", - "lastModified": "2022-09-07T17:47:48.640", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:09.633", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -78,6 +78,10 @@ } ], "references": [ + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0007/", + "source": "secalert@redhat.com" + }, { "url": "https://www.sqlite.org/src/info/a67cf5b7d37d5b14", "source": "secalert@redhat.com", diff --git a/CVE-2020/CVE-2020-367xx/CVE-2020-36732.json b/CVE-2020/CVE-2020-367xx/CVE-2020-36732.json index 99a8a712884..15ba416e6c5 100644 --- a/CVE-2020/CVE-2020-367xx/CVE-2020-36732.json +++ b/CVE-2020/CVE-2020-367xx/CVE-2020-36732.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36732", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-12T02:15:48.347", - "lastModified": "2023-06-16T19:42:38.180", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:09.743", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -96,6 +96,10 @@ "Patch" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0003/", + "source": "cve@mitre.org" + }, { "url": "https://security.snyk.io/vuln/SNYK-JS-CRYPTOJS-548472", "source": "cve@mitre.org", diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23264.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23264.json index dd86bae8c8b..efc0b15eaa8 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23264.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23264.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23264", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-29T05:15:13.283", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:35:10.823", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -38,10 +38,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "98.0.1108.50", + "matchCriteriaId": "457D4728-B15B-4F84-8BE6-6684EC20EBAA" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23264", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-35xx/CVE-2022-3515.json b/CVE-2022/CVE-2022-35xx/CVE-2022-3515.json index 49f516c164b..d97d0fdbb02 100644 --- a/CVE-2022/CVE-2022-35xx/CVE-2022-3515.json +++ b/CVE-2022/CVE-2022-35xx/CVE-2022-3515.json @@ -2,8 +2,8 @@ "id": "CVE-2022-3515", "sourceIdentifier": "secalert@redhat.com", "published": "2023-01-12T15:15:10.187", - "lastModified": "2023-05-18T18:08:04.067", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:09.857", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -37,7 +37,7 @@ "weaknesses": [ { "source": "secalert@redhat.com", - "type": "Primary", + "type": "Secondary", "description": [ { "lang": "en", @@ -149,6 +149,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0008/", + "source": "secalert@redhat.com" + }, { "url": "https://www.gnupg.org/blog/20221017-pepe-left-the-ksba.html", "source": "secalert@redhat.com", diff --git a/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json b/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json index e515c4660b4..69515e8d7d1 100644 --- a/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json +++ b/CVE-2022/CVE-2022-464xx/CVE-2022-46408.json @@ -2,19 +2,75 @@ "id": "CVE-2022-46408", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T03:15:09.357", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:22:32.680", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Ericsson Network Manager (ENM), versions prior to 22.1, contains a vulnerability in the application Network Connectivity Manager (NCM) where improper Neutralization of Formula Elements in a CSV File can lead to remote code execution or data leakage via maliciously injected hyperlinks. The attacker would need admin/elevated access to exploit the vulnerability." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1236" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ericsson:network_manager:*:*:*:*:*:*:*:*", + "versionEndExcluding": "22.1", + "matchCriteriaId": "80551B10-FC4B-43DA-8472-44053F8881D0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-11xx/CVE-2023-1150.json b/CVE-2023/CVE-2023-11xx/CVE-2023-1150.json index ff01b1cbd86..73518a36b0d 100644 --- a/CVE-2023/CVE-2023-11xx/CVE-2023-1150.json +++ b/CVE-2023/CVE-2023-11xx/CVE-2023-1150.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1150", "sourceIdentifier": "info@cert.vde.com", "published": "2023-06-26T07:15:08.877", - "lastModified": "2023-06-26T13:02:32.107", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:58:33.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,519 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-363\\/040-000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "9A35B342-9D43-4D79-A350-0881F77E85F1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-363\\/040-000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2A2ACE30-6FC4-4AAE-8EEF-D8F3C3CE814F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-362\\/040-000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "B010D10D-608D-499F-B5E7-5D768EA95242" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-362\\/040-000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "05A3A21A-1E9D-458E-9385-93DD645AA04B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-362\\/000-001_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "1FAC91DD-6F37-441C-BA36-AD969ABAD4C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-362\\/000-001:-:*:*:*:*:*:*:*", + "matchCriteriaId": "18F9CAA7-5ED8-4ACE-BBF9-0453C1BABDA4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-891_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "5778A709-DBFB-450A-B333-A58F69461A00" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-891:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22BAABD9-A10D-4904-AA02-C37C4490B47A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-365\\/040-010_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "2CAED5DA-800C-4442-BC88-3AC82180F1AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-365\\/040-010:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3B754A9-F107-4336-8B80-D74B4EC0A606" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-364\\/040-010_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "87F9FA7F-D1B8-4C5E-9981-067A2D66E015" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-364\\/040-010:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C2DD0E12-B916-4D5D-8407-D642A2B79998" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-362_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "496AE8E5-8E5A-4D93-9D1E-F558AC67B292" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-362:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6330A839-FAE3-43EB-B1AA-BA6844D9906D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-363_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "7FCCCC46-B213-4EC8-B8DF-BE7774C7731E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-363:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54E13E9C-226E-4BD6-8F0C-3061092E892A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-823_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "00E7270D-BA8B-482E-B15B-5F92F8646CB8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-823:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CB88572A-CB05-4B52-8BFC-05EFDC819244" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-832_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "324FC413-AC5B-41A7-891A-F1A804F8C25E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-832:-:*:*:*:*:*:*:*", + "matchCriteriaId": "13D1FA8D-C8BA-4D1C-8372-DECD40177631" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-832\\/000-002_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "291B13B5-3895-4F06-9CB9-C81BBE4961C2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-832\\/000-002:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0F21D094-AE7C-4501-83F1-0884CB549F3A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-862_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "CE4410A1-EF14-47A1-91BB-30AD9340E38C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-862:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FA04FBFB-9E1C-4618-9FDC-70675506D8D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-890_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "A7519056-04A3-4E7A-AF71-BF459E0E6141" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-890:-:*:*:*:*:*:*:*", + "matchCriteriaId": "11751A8B-FCFD-433B-9065-B4FC85168A93" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-890\\/025-000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "F67429CE-3C16-4EB8-8373-F963947FCB17" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-890\\/025-000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DA0B4137-C73C-47D0-8489-CA0EF41ED9A9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-890\\/025-001_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "D88C6F15-0379-47C4-ADB4-9CB7661AD044" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-890\\/025-001:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BC2C91AA-9BD8-4856-B9AB-8E6CEAF8C8EC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-890\\/025-002_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "B2C70D5A-7780-40B4-B3A9-79964324E32C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-890\\/025-002:-:*:*:*:*:*:*:*", + "matchCriteriaId": "21EB6B55-D27F-4939-832A-A391F6A3E89A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-890\\/040-000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "26E6806C-0EEF-4772-A64D-1C2124518991" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-890\\/040-000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7862FE67-A0D9-4E4D-B7BD-EB70CF0260A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wago:750-893_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "fw11", + "matchCriteriaId": "94C15A80-4AB7-46A8-8ADC-A57A07F4CFA4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wago:750-893:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D4795D0-B90B-4643-8713-88D89172D1A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-005/", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json b/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json new file mode 100644 index 00000000000..5d9f61cd0a7 --- /dev/null +++ b/CVE-2023/CVE-2023-12xx/CVE-2023-1298.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-1298", + "sourceIdentifier": "psirt@servicenow.com", + "published": "2023-07-06T18:15:10.497", + "lastModified": "2023-07-06T18:15:10.497", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@servicenow.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@servicenow.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1310230", + "source": "psirt@servicenow.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20199.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20199.json index 20781adee48..720e62de12b 100644 --- a/CVE-2023/CVE-2023-201xx/CVE-2023-20199.json +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20199.json @@ -2,8 +2,8 @@ "id": "CVE-2023-20199", "sourceIdentifier": "ykramarz@cisco.com", "published": "2023-06-28T15:15:10.070", - "lastModified": "2023-06-28T15:25:19.233", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:00:47.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "ykramarz@cisco.com", @@ -35,6 +57,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "ykramarz@cisco.com", "type": "Secondary", @@ -46,10 +78,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cisco:duo:*:*:*:*:*:macos:*:*", + "versionStartIncluding": "2.0.0", + "versionEndExcluding": "2.0.2", + "matchCriteriaId": "656CE362-218A-43E6-902E-4D8F9262E527" + } + ] + } + ] + } + ], "references": [ { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-mac-bypass-OyZpVPnx", - "source": "ykramarz@cisco.com" + "source": "ykramarz@cisco.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2183.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2183.json index 3f6d702abfa..52392ed58ed 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2183.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2183.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2183", "sourceIdentifier": "security@grafana.com", "published": "2023-06-06T19:15:11.277", - "lastModified": "2023-06-13T16:30:57.630", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.047", + "vulnStatus": "Modified", "evaluatorComment": "Impact ", "descriptions": [ { @@ -139,6 +139,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0002/", + "source": "security@grafana.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-222xx/CVE-2023-22299.json b/CVE-2023/CVE-2023-222xx/CVE-2023-22299.json index db65fca936e..0a9daa87633 100644 --- a/CVE-2023/CVE-2023-222xx/CVE-2023-22299.json +++ b/CVE-2023/CVE-2023-222xx/CVE-2023-22299.json @@ -2,7 +2,7 @@ "id": "CVE-2023-22299", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:10.713", - "lastModified": "2023-07-06T17:15:10.137", + "lastModified": "2023-07-06T18:15:10.687", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1712", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1712", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22653.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22653.json index b6e9ef5b273..622c983d4d8 100644 --- a/CVE-2023/CVE-2023-226xx/CVE-2023-22653.json +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22653.json @@ -2,7 +2,7 @@ "id": "CVE-2023-22653", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:11.130", - "lastModified": "2023-07-06T17:15:10.227", + "lastModified": "2023-07-06T18:15:10.807", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1714", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1714", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-228xx/CVE-2023-22886.json b/CVE-2023/CVE-2023-228xx/CVE-2023-22886.json index 170f57643c1..7b8f66b70eb 100644 --- a/CVE-2023/CVE-2023-228xx/CVE-2023-22886.json +++ b/CVE-2023/CVE-2023-228xx/CVE-2023-22886.json @@ -2,15 +2,38 @@ "id": "CVE-2023-22886", "sourceIdentifier": "security@apache.org", "published": "2023-06-29T10:15:09.650", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:32:59.063", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow JDBC Provider.\nAirflow JDBC Provider Connection\u2019s [Connection URL] parameters had no\nrestrictions, which made it possible to implement RCE attacks via\ndifferent type JDBC drivers, obtain airflow server permission.\nThis issue affects Apache Airflow JDBC Provider: before 4.0.0.\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:apache-airflow-providers-jdbc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "6885B26B-9F5D-4A92-AE70-3FAF28767E64" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/ynbjwp4n0vzql0xzhog1gkp1ovncf8j3", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-240xx/CVE-2023-24018.json b/CVE-2023/CVE-2023-240xx/CVE-2023-24018.json index 45ca2f02069..f03e8117d9d 100644 --- a/CVE-2023/CVE-2023-240xx/CVE-2023-24018.json +++ b/CVE-2023/CVE-2023-240xx/CVE-2023-24018.json @@ -2,7 +2,7 @@ "id": "CVE-2023-24018", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:11.797", - "lastModified": "2023-07-06T17:15:10.300", + "lastModified": "2023-07-06T18:15:10.900", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1715", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1715", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24519.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24519.json index 69ede40e62f..2e7bd6f9867 100644 --- a/CVE-2023/CVE-2023-245xx/CVE-2023-24519.json +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24519.json @@ -2,7 +2,7 @@ "id": "CVE-2023-24519", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.107", - "lastModified": "2023-07-06T17:15:10.373", + "lastModified": "2023-07-06T18:15:11.043", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1706", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24520.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24520.json index d39e0d24acb..90779f9dc52 100644 --- a/CVE-2023/CVE-2023-245xx/CVE-2023-24520.json +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24520.json @@ -2,7 +2,7 @@ "id": "CVE-2023-24520", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.180", - "lastModified": "2023-07-06T17:15:10.453", + "lastModified": "2023-07-06T18:15:11.187", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1706", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1706", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24595.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24595.json index da0a493f6b7..97b6dc6f88f 100644 --- a/CVE-2023/CVE-2023-245xx/CVE-2023-24595.json +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24595.json @@ -2,7 +2,7 @@ "id": "CVE-2023-24595", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.397", - "lastModified": "2023-07-06T17:15:10.523", + "lastModified": "2023-07-06T18:15:11.330", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1713", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1713", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2454.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2454.json index ad3a9407ffb..3fb775e6984 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2454.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2454.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2454", "sourceIdentifier": "secalert@redhat.com", "published": "2023-06-09T19:15:09.253", - "lastModified": "2023-06-16T18:00:48.963", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.143", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -151,6 +151,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0006/", + "source": "secalert@redhat.com" + }, { "url": "https://www.postgresql.org/support/security/CVE-2023-2454/", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-24xx/CVE-2023-2455.json b/CVE-2023/CVE-2023-24xx/CVE-2023-2455.json index cd107efd37a..68cca43d88c 100644 --- a/CVE-2023/CVE-2023-24xx/CVE-2023-2455.json +++ b/CVE-2023/CVE-2023-24xx/CVE-2023-2455.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2455", "sourceIdentifier": "secalert@redhat.com", "published": "2023-06-09T19:15:09.313", - "lastModified": "2023-06-16T16:24:08.217", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.233", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -151,6 +151,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0006/", + "source": "secalert@redhat.com" + }, { "url": "https://www.postgresql.org/support/security/CVE-2023-2455/", "source": "secalert@redhat.com", diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25081.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25081.json index a41932d6738..7301912d6f2 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25081.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25081.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25081", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.470", - "lastModified": "2023-07-06T17:15:10.603", + "lastModified": "2023-07-06T18:15:11.473", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25082.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25082.json index e269b1b1f7c..05217a314bd 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25082.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25082.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25082", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.540", - "lastModified": "2023-07-06T17:15:10.680", + "lastModified": "2023-07-06T18:15:11.617", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25083.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25083.json index 6a80e9ebf96..dec283d138e 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25083.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25083.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25083", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.610", - "lastModified": "2023-07-06T17:15:10.777", + "lastModified": "2023-07-06T18:15:11.760", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25084.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25084.json index 5d2e31f6217..5e58404380b 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25084.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25084.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25084", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.680", - "lastModified": "2023-07-06T17:15:10.870", + "lastModified": "2023-07-06T18:15:11.897", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25085.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25085.json index bc6cefc1c0a..238fe4adfdb 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25085.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25085.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25085", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.757", - "lastModified": "2023-07-06T17:15:10.963", + "lastModified": "2023-07-06T18:15:12.040", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25086.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25086.json index 4907aea4024..043945b16c6 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25086.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25086.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25086", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.827", - "lastModified": "2023-07-06T17:15:11.057", + "lastModified": "2023-07-06T18:15:12.167", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25087.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25087.json index b4fec00d7f7..802021e5191 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25087.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25087.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25087", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.897", - "lastModified": "2023-07-06T17:15:11.137", + "lastModified": "2023-07-06T18:15:12.323", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25088.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25088.json index 06e6c4a8a01..47b65538432 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25088.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25088.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25088", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:12.967", - "lastModified": "2023-07-06T17:15:11.227", + "lastModified": "2023-07-06T18:15:12.467", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25089.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25089.json index 09f27506f65..b51afc9f829 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25089.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25089.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25089", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.043", - "lastModified": "2023-07-06T17:15:11.307", + "lastModified": "2023-07-06T18:15:12.590", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25090.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25090.json index f7b17507b51..e560153f705 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25090.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25090.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25090", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.117", - "lastModified": "2023-07-06T17:15:11.400", + "lastModified": "2023-07-06T18:15:12.753", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25091.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25091.json index 99640235f43..a10a25e7e7a 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25091.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25091.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25091", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.187", - "lastModified": "2023-07-06T17:15:11.473", + "lastModified": "2023-07-06T18:15:12.893", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25092.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25092.json index a1b372a29dc..bb2103bdce1 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25092.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25092.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25092", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.257", - "lastModified": "2023-07-06T17:15:11.540", + "lastModified": "2023-07-06T18:15:13.037", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25093.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25093.json index ba7f9c5c414..866031387f4 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25093.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25093.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25093", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.333", - "lastModified": "2023-07-06T17:15:11.610", + "lastModified": "2023-07-06T18:15:13.173", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25094.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25094.json index 8c27e6b7c78..fb2c49e568d 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25094.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25094.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25094", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.423", - "lastModified": "2023-07-06T17:15:11.683", + "lastModified": "2023-07-06T18:15:13.327", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25095.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25095.json index 7011fcb3e84..38ab0a26fcf 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25095.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25095.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25095", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.493", - "lastModified": "2023-07-06T17:15:11.750", + "lastModified": "2023-07-06T18:15:13.463", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25096.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25096.json index 56d1f9f6613..ade75194f96 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25096.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25096.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25096", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.563", - "lastModified": "2023-07-06T17:15:11.820", + "lastModified": "2023-07-06T18:15:13.603", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25097.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25097.json index 5fcefcebe8f..9fd3e6af65f 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25097.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25097.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25097", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.637", - "lastModified": "2023-07-06T17:15:11.887", + "lastModified": "2023-07-06T18:15:13.747", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25098.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25098.json index 6df12b7c585..60bd9a72725 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25098.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25098.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25098", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.707", - "lastModified": "2023-07-06T17:15:11.957", + "lastModified": "2023-07-06T18:15:13.893", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25099.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25099.json index 7ba4ba4a9b4..26082e5e050 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25099.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25099.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25099", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.783", - "lastModified": "2023-07-06T17:15:12.023", + "lastModified": "2023-07-06T18:15:14.030", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25100.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25100.json index 3873cbe100c..fbfd106777b 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25100.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25100.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25100", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.857", - "lastModified": "2023-07-06T17:15:12.093", + "lastModified": "2023-07-06T18:15:14.173", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25101.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25101.json index d32857aec18..0f1d4dfe8e8 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25101.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25101.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25101", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.923", - "lastModified": "2023-07-06T17:15:12.210", + "lastModified": "2023-07-06T18:15:14.303", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25102.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25102.json index 223e0e1275c..3d6d48f7b12 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25102.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25102.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25102", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:13.993", - "lastModified": "2023-07-06T17:15:12.283", + "lastModified": "2023-07-06T18:15:14.400", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25103.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25103.json index 18ef969909a..1075a9a8498 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25103.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25103.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25103", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.060", - "lastModified": "2023-07-06T17:15:12.357", + "lastModified": "2023-07-06T18:15:14.543", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25104.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25104.json index 3ebfc06d727..55e6561c395 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25104.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25104.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25104", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.127", - "lastModified": "2023-07-06T17:15:12.427", + "lastModified": "2023-07-06T18:15:14.663", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25105.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25105.json index 5e2bab23f45..3197eff2d89 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25105.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25105.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25105", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.197", - "lastModified": "2023-07-06T17:15:12.500", + "lastModified": "2023-07-06T18:15:14.827", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25106.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25106.json index 36014c0068d..0f5c4d1c8d2 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25106.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25106.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25106", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.267", - "lastModified": "2023-07-06T17:15:12.573", + "lastModified": "2023-07-06T18:15:14.967", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25107.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25107.json index 6bd2a5ca7bc..b130c05df7c 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25107.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25107.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25107", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.340", - "lastModified": "2023-07-06T17:15:12.650", + "lastModified": "2023-07-06T18:15:15.110", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25108.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25108.json index 0d5c0d5c18d..ab38e892335 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25108.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25108.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25108", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.407", - "lastModified": "2023-07-06T17:15:12.727", + "lastModified": "2023-07-06T18:15:15.250", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25109.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25109.json index d38bc9cfeb0..53a9819c3b1 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25109.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25109.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25109", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.473", - "lastModified": "2023-07-06T17:15:12.797", + "lastModified": "2023-07-06T18:15:15.390", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25110.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25110.json index db104717983..9de7d56950a 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25110.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25110.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25110", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.543", - "lastModified": "2023-07-06T17:15:12.870", + "lastModified": "2023-07-06T18:15:15.533", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25111.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25111.json index ef574fdd969..1f83fea2528 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25111.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25111.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25111", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.613", - "lastModified": "2023-07-06T17:15:12.943", + "lastModified": "2023-07-06T18:15:15.677", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25112.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25112.json index 93ba364a9bb..23afdfd105f 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25112.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25112.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25112", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.680", - "lastModified": "2023-07-06T17:15:13.017", + "lastModified": "2023-07-06T18:15:15.817", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25113.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25113.json index a2a55e70bef..a91799977f2 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25113.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25113.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25113", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.747", - "lastModified": "2023-07-06T17:15:13.087", + "lastModified": "2023-07-06T18:15:15.957", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25114.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25114.json index 2944f468ea9..e4ce58d2f4d 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25114.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25114.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25114", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.817", - "lastModified": "2023-07-06T17:15:13.157", + "lastModified": "2023-07-06T18:15:16.097", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25115.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25115.json index 68ddda42cbd..da48fc8ee1d 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25115.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25115.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25115", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.887", - "lastModified": "2023-07-06T17:15:13.227", + "lastModified": "2023-07-06T18:15:16.243", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25116.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25116.json index 2155d5d7e53..45314ede5e9 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25116.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25116.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25116", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:14.957", - "lastModified": "2023-07-06T17:15:13.300", + "lastModified": "2023-07-06T18:15:16.383", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25117.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25117.json index fb90d964682..6ebe43a7299 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25117.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25117.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25117", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.023", - "lastModified": "2023-07-06T17:15:13.370", + "lastModified": "2023-07-06T18:15:16.523", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25118.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25118.json index 4b780edb13c..58154060d6f 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25118.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25118.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25118", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.097", - "lastModified": "2023-07-06T17:15:13.440", + "lastModified": "2023-07-06T18:15:16.667", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25119.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25119.json index 8ab1af2361a..d067ff8b12b 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25119.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25119.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25119", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.163", - "lastModified": "2023-07-06T17:15:13.513", + "lastModified": "2023-07-06T18:15:16.807", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25120.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25120.json index 626e0a6eeeb..465c4e94689 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25120.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25120.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25120", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.233", - "lastModified": "2023-07-06T17:15:13.587", + "lastModified": "2023-07-06T18:15:16.950", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25121.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25121.json index ce3387ff12e..6a15dbda3d8 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25121.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25121.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25121", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.307", - "lastModified": "2023-07-06T17:15:13.657", + "lastModified": "2023-07-06T18:15:17.093", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25122.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25122.json index 608236f3cb9..1ad592421a2 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25122.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25122.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25122", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.377", - "lastModified": "2023-07-06T17:15:13.730", + "lastModified": "2023-07-06T18:15:17.237", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25123.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25123.json index 5036cb0c13b..19f08f5e06f 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25123.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25123.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25123", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.447", - "lastModified": "2023-07-06T17:15:13.807", + "lastModified": "2023-07-06T18:15:17.377", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25124.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25124.json index 1ef48d754a6..7d5fef751ba 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25124.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25124.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25124", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.513", - "lastModified": "2023-07-06T17:15:13.880", + "lastModified": "2023-07-06T18:15:17.520", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1716", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1716", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-254xx/CVE-2023-25433.json b/CVE-2023/CVE-2023-254xx/CVE-2023-25433.json index 326b8484b68..7e0f7440bdd 100644 --- a/CVE-2023/CVE-2023-254xx/CVE-2023-25433.json +++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25433.json @@ -2,23 +2,83 @@ "id": "CVE-2023-25433", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T20:15:09.830", - "lastModified": "2023-06-29T23:57:54.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:44:10.900", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libtiff:libtiff:4.5.0:-:*:*:*:*:*:*", + "matchCriteriaId": "5A5F7CB4-EB47-441F-AC8A-ACF688CA702D" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/520", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/467", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25582.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25582.json index 5d90529c63f..07c7f4e66fb 100644 --- a/CVE-2023/CVE-2023-255xx/CVE-2023-25582.json +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25582.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25582", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.587", - "lastModified": "2023-07-06T17:15:13.953", + "lastModified": "2023-07-06T18:15:17.643", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1723", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1723", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25583.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25583.json index 0ff1ca602f6..03e89a53f5a 100644 --- a/CVE-2023/CVE-2023-255xx/CVE-2023-25583.json +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25583.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25583", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-06T15:15:15.653", - "lastModified": "2023-07-06T17:15:14.030", + "lastModified": "2023-07-06T18:15:17.743", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1723", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1723", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json index a3f351ad348..d0d5eadbd89 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26434", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.487", - "lastModified": "2023-06-22T15:15:11.647", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:55:47.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -46,22 +76,64 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.10.6", + "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*", + "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://seclists.org/fulldisclosure/2023/Jun/8", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json index 0cc1b03582e..ed859be65b4 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26436", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.607", - "lastModified": "2023-06-22T15:15:11.890", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:29:42.787", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + }, { "source": "security@open-xchange.com", "type": "Secondary", @@ -46,22 +76,64 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.10.6", + "matchCriteriaId": "74EDAF14-4BF1-4E62-AA44-86090B6BEEFD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:*:*:*:*:*:*:*", + "matchCriteriaId": "D41FD049-C028-4C6D-A9D7-9DD1820B2C5F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:open-xchange:open-xchange_appsuite_backend:7.10.6:revision_39:*:*:*:*:*:*", + "matchCriteriaId": "1B382924-49BE-43BF-B012-7F8F8A90CA6C" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/173083/OX-App-Suite-SSRF-Resource-Consumption-Command-Injection.html", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "http://seclists.org/fulldisclosure/2023/Jun/8", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf", - "source": "security@open-xchange.com" + "source": "security@open-xchange.com", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-266xx/CVE-2023-26612.json b/CVE-2023/CVE-2023-266xx/CVE-2023-26612.json index a8d378c6c6b..e33429f90ca 100644 --- a/CVE-2023/CVE-2023-266xx/CVE-2023-26612.json +++ b/CVE-2023/CVE-2023-266xx/CVE-2023-26612.json @@ -2,23 +2,94 @@ "id": "CVE-2023-26612", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:09.507", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:46:14.057", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the HostName field in SetParentsControlInfo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*", + "matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.dlink.com/en/security-bulletin/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-266xx/CVE-2023-26613.json b/CVE-2023/CVE-2023-266xx/CVE-2023-26613.json index cab486f5271..b6733627e2d 100644 --- a/CVE-2023/CVE-2023-266xx/CVE-2023-26613.json +++ b/CVE-2023/CVE-2023-266xx/CVE-2023-26613.json @@ -2,23 +2,94 @@ "id": "CVE-2023-26613", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:09.580", - "lastModified": "2023-07-06T17:15:14.107", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-07-06T18:46:03.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An OS command injection vulnerability in D-Link DIR-823G firmware version 1.02B05 allows unauthorized attackers to execute arbitrary operating system commands via a crafted GET request to EXCU_SHELL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*", + "matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/excu_shell", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.dlink.com/en/security-bulletin/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-266xx/CVE-2023-26616.json b/CVE-2023/CVE-2023-266xx/CVE-2023-26616.json index 7b6ec650812..375c7dd23c2 100644 --- a/CVE-2023/CVE-2023-266xx/CVE-2023-26616.json +++ b/CVE-2023/CVE-2023-266xx/CVE-2023-26616.json @@ -2,23 +2,94 @@ "id": "CVE-2023-26616", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:09.627", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:45:49.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "D-Link DIR-823G firmware version 1.02B05 has a buffer overflow vulnerability, which originates from the URL field in SetParentsControlInfo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*", + "matchCriteriaId": "359D06ED-7E8E-40E5-84A4-27F1693820E9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "67B980AA-84BE-4D22-B4E7-7B2DBF571B65" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetParentsControlInfo", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.dlink.com/en/security-bulletin/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-269xx/CVE-2023-26965.json b/CVE-2023/CVE-2023-269xx/CVE-2023-26965.json index 02150a77ddb..1f99e64c252 100644 --- a/CVE-2023/CVE-2023-269xx/CVE-2023-26965.json +++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26965.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26965", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-14T21:15:09.483", - "lastModified": "2023-06-28T18:31:25.697", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:09.980", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -73,6 +73,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0009/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-269xx/CVE-2023-26966.json b/CVE-2023/CVE-2023-269xx/CVE-2023-26966.json index 36e625f2f0f..aff21323052 100644 --- a/CVE-2023/CVE-2023-269xx/CVE-2023-26966.json +++ b/CVE-2023/CVE-2023-269xx/CVE-2023-26966.json @@ -2,23 +2,83 @@ "id": "CVE-2023-26966", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T20:15:09.873", - "lastModified": "2023-06-29T23:57:54.363", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:43:56.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "libtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libtiff:libtiff:4.5.0:-:*:*:*:*:*:*", + "matchCriteriaId": "5A5F7CB4-EB47-441F-AC8A-ACF688CA702D" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/libtiff/libtiff/-/issues/530", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] }, { "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/473", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-278xx/CVE-2023-27866.json b/CVE-2023/CVE-2023-278xx/CVE-2023-27866.json index 39f3bb1f390..9ce4b949a49 100644 --- a/CVE-2023/CVE-2023-278xx/CVE-2023-27866.json +++ b/CVE-2023/CVE-2023-278xx/CVE-2023-27866.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27866", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-06-28T16:15:19.717", - "lastModified": "2023-06-28T19:27:43.520", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:09:06.450", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:informix_jdbc_driver:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50.0", + "versionEndExcluding": "4.50.10", + "matchCriteriaId": "490B31CB-F608-4749-87E3-EC0A10A0EC55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:informix_jdbc_driver:4.10:*:*:*:*:*:*:*", + "matchCriteriaId": "F5DCCC99-8EDE-4449-BC94-1E119CA75E5F" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249511", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7007615", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2700.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2700.json index f62512b2d6f..01fd1981e63 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2700.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2700.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2700", "sourceIdentifier": "secalert@redhat.com", "published": "2023-05-15T22:15:12.207", - "lastModified": "2023-05-25T17:14:48.953", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.307", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ "tags": [ "Patch" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0001/", + "source": "secalert@redhat.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28857.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28857.json index b653f3644da..4412afd7a6d 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28857.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28857.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28857", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-27T18:15:13.120", - "lastModified": "2023-06-27T18:34:43.840", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:11:38.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,18 +76,53 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.5.0", + "versionEndExcluding": "6.5.9.1", + "matchCriteriaId": "32BB7127-CBDB-4413-9C86-C339477005B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.6.0", + "versionEndExcluding": "6.6.6", + "matchCriteriaId": "BB6E83E9-DBE8-4327-B899-A2CD4EF8B739" + } + ] + } + ] + } + ], "references": [ { "url": "https://apereo.github.io/2023/02/20/x509-vuln/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/apereo/cas/releases/tag/v6.6.6", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://securitylab.github.com/advisories/GHSL-2023-009_Apereo_CAS/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2801.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2801.json index 319a1becf5b..3d8fe32e65b 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2801.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2801.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2801", "sourceIdentifier": "security@grafana.com", "published": "2023-06-06T19:15:11.413", - "lastModified": "2023-06-13T16:33:49.213", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.383", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0002/", + "source": "security@grafana.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json index 5fbcfc3cc12..4077150b3c5 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2834.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2834", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-30T02:15:08.820", - "lastModified": "2023-06-30T12:59:58.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:03:08.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,34 +56,75 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:stylemixthemes:bookit:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.3.7", + "matchCriteriaId": "7DAC7E3B-C96C-4416-B17C-0A663BE769F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://lana.codes/lanavdb/0dea1346-fd60-4338-8af6-6f89c29075d4/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/CustomerController.php#L27", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/bookit/tags/2.3.6/includes/classes/database/Customers.php#L63", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2919529/bookit", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2925153/bookit", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/blog/2023/06/stylemixthemes-addresses-authentication-bypass-vulnerability-in-bookit-wordpress-plugin/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cfd32e46-a4fc-4c10-b546-9f9da75db791?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3034.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3034.json index 33e13328f6b..68b2223c073 100644 --- a/CVE-2023/CVE-2023-30xx/CVE-2023-3034.json +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3034.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3034", "sourceIdentifier": "vulnerability@ncsc.ch", "published": "2023-06-28T09:15:09.677", - "lastModified": "2023-06-28T12:34:43.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:04:10.673", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "vulnerability@ncsc.ch", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "vulnerability@ncsc.ch", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bund:bkg_professional_ntripcaster:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.0.44", + "matchCriteriaId": "9DE07143-C27B-4D13-8554-AD6B27DA5E72" + } + ] + } + ] + } + ], "references": [ { "url": "https://igs.bkg.bund.de/ntrip/bkgcaster", - "source": "vulnerability@ncsc.ch" + "source": "vulnerability@ncsc.ch", + "tags": [ + "Product" + ] }, { "url": "https://igs.bkg.bund.de/root_ftp/NTRIP/software/NTRIPCASTER_CHANGELOG", - "source": "vulnerability@ncsc.ch" + "source": "vulnerability@ncsc.ch", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json index 81067a05a65..4c5164fed70 100644 --- a/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3063.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3063", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-30T02:15:09.457", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:57:21.283", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,14 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:smartypantsplugins:sp_project_\\&_document_manager:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.67", + "matchCriteriaId": "F903DBFE-156F-4E2C-9D68-64C1505CA6D1" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/sp-client-document-manager/trunk/classes/ajax.php#L149", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dc2e720-85d9-42d9-94ef-eb172425993d?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3141.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3141.json index bc293a801f1..c31289c7555 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3141.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3141.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3141", "sourceIdentifier": "secalert@redhat.com", "published": "2023-06-09T20:15:10.327", - "lastModified": "2023-06-19T15:15:10.487", + "lastModified": "2023-07-06T19:15:10.957", "vulnStatus": "Modified", "descriptions": [ { @@ -91,6 +91,10 @@ "Mailing List", "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0004/", + "source": "secalert@redhat.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json index a75d8ac6fd3..539e6a9440c 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3249.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3249", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-30T02:15:09.543", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:57:05.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,14 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:miniorange:web3_-_crypto_wallet_login_\\&_nft_token_gating:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.6.0", + "matchCriteriaId": "2BF385CF-2595-4720-ADBD-7E2D45E7F7F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/web3-authentication/tags/2.6.0/classes/common/Web3/controller/class-moweb3flowhandler.php#L198", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e30b62de-7280-4c29-b882-dfa83e65966b?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33466.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33466.json index 1e7aeece9d1..504f3475ff1 100644 --- a/CVE-2023/CVE-2023-334xx/CVE-2023-33466.json +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33466.json @@ -2,19 +2,76 @@ "id": "CVE-2023-33466", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T15:15:09.483", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:24:34.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Orthanc before 1.12.0 allows authenticated users with access to the Orthanc API to overwrite arbitrary files on the file system, and in specific deployment scenarios allows the attacker to overwrite the configuration, which can be exploited to trigger Remote Code Execution (RCE)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:orthanc-server:orthanc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.12.0", + "matchCriteriaId": "021ECF00-D12D-4633-8A33-D5E8AAD4C012" + } + ] + } + ] + } + ], "references": [ { "url": "https://discourse.orthanc-server.org/t/security-advisory-for-orthanc-deployments-running-versions-before-1-12-0/3568", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json index 3326d53430a..e65280e793b 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34149", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.450", - "lastModified": "2023-06-21T21:06:26.343", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.460", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -105,6 +105,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0005/", + "source": "security@apache.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json index 67ce4983392..1295eb847e5 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34396", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.520", - "lastModified": "2023-06-21T21:06:39.670", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-06T19:15:10.557", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -105,6 +105,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230706-0005/", + "source": "security@apache.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34420.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34420.json index 445d1328a79..512b947d4b5 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34420.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34420.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34420", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-06-26T20:15:10.247", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:19:25.597", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-98715", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34421.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34421.json index 95591ebdf87..688a0d8792a 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34421.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34421.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34421", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-06-26T20:15:10.307", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:17:47.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-98715", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34422.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34422.json index 6d952dc2719..552c7039da7 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34422.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34422.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34422", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-06-26T20:15:10.370", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:17:32.040", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lenovo:xclarity_administrator:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "0C5408FA-1190-4AC5-AB4D-954CB205067C" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-98715", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34486.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34486.json index 36536ab0079..43f363902eb 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34486.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34486.json @@ -2,19 +2,75 @@ "id": "CVE-2023-34486", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T14:15:09.633", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:32:22.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to Cross Site Scripting (XSS). Remote code execution can be achieved by entering malicious code in the date selection box." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_hotel_management_system_project:online_hotel_management_system:1.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF27C59F-0C18-4B30-80D9-E4A39C678517" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/JunyanYip/itsourcecode_justines_xss_vul", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34487.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34487.json index cc249d3a212..8e3c995187f 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34487.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34487.json @@ -2,19 +2,75 @@ "id": "CVE-2023-34487", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T14:15:09.693", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:31:09.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "itsourcecode Online Hotel Management System Project In PHP v1.0.0 is vulnerable to SQL Injection. SQL injection points exist in the login password input box. This vulnerability can be exploited through time-based blind injection." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_hotel_management_system_project:online_hotel_management_system:1.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DF27C59F-0C18-4B30-80D9-E4A39C678517" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/JunyanYip/itsourcecode_justines_sql_vul", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34598.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34598.json index c011e0f2e4a..c06a83f6235 100644 --- a/CVE-2023/CVE-2023-345xx/CVE-2023-34598.json +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34598.json @@ -2,19 +2,75 @@ "id": "CVE-2023-34598", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T15:15:09.530", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:38:44.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:*", + "matchCriteriaId": "77ED9C21-CA3A-4415-B42A-5DAFB9DAF190" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/maddsec/CVE-2023-34598", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34599.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34599.json index 137ffd2f972..08d92287342 100644 --- a/CVE-2023/CVE-2023-345xx/CVE-2023-34599.json +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34599.json @@ -2,19 +2,75 @@ "id": "CVE-2023-34599", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T15:15:09.570", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:05:10.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:*", + "matchCriteriaId": "77ED9C21-CA3A-4415-B42A-5DAFB9DAF190" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/maddsec/CVE-2023-34599", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34656.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34656.json index 301c845af84..d5baf25432d 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34656.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34656.json @@ -2,19 +2,77 @@ "id": "CVE-2023-34656", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T15:15:09.613", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:23:34.760", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered with the JSESSION IDs in Xiamen Si Xin Communication Technology Video management system 3.1 thru 4.1 allows attackers to gain escalated privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:video_management_system_project:video_management_system:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.1", + "versionEndIncluding": "4.1", + "matchCriteriaId": "D0A7C60B-FB76-4B6E-BFAC-B88BDA0CF937" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/kangjinlong1/Kang.github.io/blob/main/README.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json index 8e9dea2a994..dbfcc3388aa 100644 --- a/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34734.json @@ -2,19 +2,76 @@ "id": "CVE-2023-34734", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T03:15:09.470", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:47:07.303", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Annet AC Centralized Management Platform 1.02.040 is vulnerable to Stored Cross-Site Scripting (XSS) ." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:secnet:annet_ac_centralized_management_platform:1.02.040:*:*:*:*:*:*:*", + "matchCriteriaId": "64E7A674-D53A-4C10-8CAC-1F5686DEC62F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/prismbreak/vulnerabilities/issues/3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-347xx/CVE-2023-34735.json b/CVE-2023/CVE-2023-347xx/CVE-2023-34735.json index 479a8c6d607..a872acafebc 100644 --- a/CVE-2023/CVE-2023-347xx/CVE-2023-34735.json +++ b/CVE-2023/CVE-2023-347xx/CVE-2023-34735.json @@ -2,19 +2,76 @@ "id": "CVE-2023-34735", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T14:15:09.740", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:30:56.270", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Property Cloud Platform Management Center 1.0 is vulnerable to error-based SQL injection." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:property_cloud_platform_management_center_project:property_cloud_platform_management_center:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E7F7FCF0-DB2A-4339-97FD-015255D30B09" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/prismbreak/vulnerabilities/issues/4", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json index 60524e56337..b5916abba93 100644 --- a/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34831.json @@ -2,23 +2,82 @@ "id": "CVE-2023-34831", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T03:15:09.517", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:52:42.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The \"Submission Web Form\" of Turnitin LTI tool/plugin version 1.3 is affected by HTML Injection attacks. The security issue affects the submission web form (\"id\" and \"title\" HTTP POST parameters) where the students submit their reports for similarity/plagiarism checks." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:odysseycs:ithacalabs_turnitin_lti:1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "EE2FAFEE-A58B-4E11-AFD7-435FDDDF6D76" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831/Turnitin_LTI_1.3_HTMLi_CVE-2023-34831.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://github.com/IthacaLabs/Turnitin/blob/main/Turnitin_Submission_Web_Form/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34849.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34849.json index 99fe51fabfa..15c898a4015 100644 --- a/CVE-2023/CVE-2023-348xx/CVE-2023-34849.json +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34849.json @@ -2,19 +2,76 @@ "id": "CVE-2023-34849", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T15:15:09.697", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:46:25.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ikuai8:ikuaios:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.7.1", + "matchCriteriaId": "2C2644EF-5536-45E1-BE12-0E80614A4692" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/cczzmm/IOT-POC/tree/main/Ikuai", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3457.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3457.json index 2c21cc8ff1d..4216556acd6 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3457.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3457.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3457", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-29T14:15:09.807", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:30:31.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/qwegz/CveList/blob/main/Shopping%20Website%20(E-Commerce)%20%20index.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.232674", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232674", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3458.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3458.json index e9b34169344..0a403143d97 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3458.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3458.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3458", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-29T14:15:09.887", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:29:44.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:shopping_website_project:shopping_website:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CB6F7B9D-35F5-4821-AA80-9942B5553734" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/AD-Appledog/CveHubList/blob/main/Shopping%20Website%20(E-Commerce)%20forgot-password.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.232675", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232675", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3469.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3469.json index 8b119bc56bd..01b0eb201d6 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3469.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3469.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3469", "sourceIdentifier": "security@huntr.dev", "published": "2023-06-30T01:15:08.880", - "lastModified": "2023-06-30T12:59:58.713", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:43:07.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,50 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.1.14", + "matchCriteriaId": "8A23CE37-3356-4EBD-AB7D-060CF611CF6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpmyfaq:phpmyfaq:3.2.0:alpha:*:*:*:*:*:*", + "matchCriteriaId": "71D0A0BD-EC7D-47C7-8C0F-716EE0843E52" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpmyfaq:phpmyfaq:3.2.0:beta:*:*:*:*:*:*", + "matchCriteriaId": "AA3CB4E9-252B-4326-BE77-679284864A4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/thorsten/phpmyfaq/commit/04a0183c25dd425f4c2bfb5f75b7650b932ae278", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/3565cfc9-82c4-4db8-9b8f-494dd81b56ca", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3473.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3473.json index c11547d43c6..12555c10e24 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3473.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3473.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3473", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-30T07:15:08.813", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:49:57.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:retro_cellphone_online_store_project:retro_cellphone_online_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A77A0EBC-52BE-4672-A49E-9C10696CD13D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Cellphone%20Online%20Store%20-%20vlun%204.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.232752", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232752", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3474.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3474.json index a23ca652dba..bffb78e91ac 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3474.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3474.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3474", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-30T07:15:08.927", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:48:59.220", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,14 +93,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simplephpscripts:simple_blog:3.2:*:*:*:*:*:*:*", + "matchCriteriaId": "FEC46C9B-DE6C-4AC8-939C-203524C7BBE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.232753", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232753", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3475.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3475.json index 9a5305c3383..d62bf17324e 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3475.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3475.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3475", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-30T07:15:09.030", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:48:30.013", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,16 +91,52 @@ "value": "CWE-79" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simplephpscripts:event_script:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "3EDE9BFD-0309-460B-815B-C080C376905C" + } + ] + } + ] } ], "references": [ { "url": "https://vuldb.com/?ctiid.232754", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232754", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3476.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3476.json index 19cea27aca7..40d4c4ba29f 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3476.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3476.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3476", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-30T07:15:09.130", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:51:15.307", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,14 +97,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:simplephpscripts:guestbook_script:2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "52949D69-3BFA-4C68-8777-7EA92D54487C" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.232755", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232755", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3477.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3477.json index a4025a7a077..a04ff9bd3e7 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3477.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3477.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3477", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-30T08:15:21.417", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:50:58.493", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,14 +97,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rocketsoft:rocket_lms:1.7:*:*:*:*:*:*:*", + "matchCriteriaId": "1A251EB9-20B0-4DC5-892B-A034369EAE65" + } + ] + } + ] + } + ], "references": [ { "url": "https://vuldb.com/?ctiid.232756", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.232756", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3479.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3479.json index f205a511e5c..d1e410b813f 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3479.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3479.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3479", "sourceIdentifier": "security@huntr.dev", "published": "2023-06-30T10:15:09.567", - "lastModified": "2023-06-30T12:59:54.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:50:34.680", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hestiacp:control_panel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.7.8", + "matchCriteriaId": "39AAED7C-8F09-4567-BF50-150F255627C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/hestiacp/hestiacp/commit/2326aa525a7ba14513af783f29cb5e62a476e67a", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/6ac5cf87-6350-4645-8930-8f2876427723", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-351xx/CVE-2023-35169.json b/CVE-2023/CVE-2023-351xx/CVE-2023-35169.json index 7b02809fe29..747b74be45b 100644 --- a/CVE-2023/CVE-2023-351xx/CVE-2023-35169.json +++ b/CVE-2023/CVE-2023-351xx/CVE-2023-35169.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35169", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-23T21:15:09.627", - "lastModified": "2023-06-24T12:41:30.800", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:01:47.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,26 +66,60 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webklex:php-imap:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.3.0", + "matchCriteriaId": "426A5575-8F8D-4BF0-A7AE-5C9D7EAB6481" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Webklex/php-imap/blob/5.2.0/src/Attachment.php#L251-L255", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/Webklex/php-imap/blob/5.2.0/src/Attachment.php#L252", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Product" + ] }, { "url": "https://github.com/Webklex/php-imap/pull/414", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/Webklex/php-imap/releases/tag/5.3.0", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/Webklex/php-imap/security/advisories/GHSA-47p7-xfcc-4pv9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35930.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35930.json index ee9f58747fb..de9d0501d97 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35930.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35930.json @@ -2,16 +2,40 @@ "id": "CVE-2023-35930", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-26T20:15:10.507", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:17:12.143", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. Any user making a negative authorization decision based on the results of a `LookupResources` request with 1.22.0 is affected. For example, using `LookupResources` to find a list of resources to allow access to be okay: some subjects that should have access to a resource may not. But if using `LookupResources` to find a list of banned resources instead, then some users that shouldn't have access may. Generally, `LookupResources` is not and should not be to gate access in this way - that's what the `Check` API is for. Additionally, version 1.22.0 has included a warning about this bug since its initial release. Users are advised to upgrade to version 1.22.2. Users unable to upgrade should avoid using `LookupResources` for negative authorization decisions." + }, + { + "lang": "es", + "value": "SpiceDB es un sistema de base de datos de c\u00f3digo abierto, inspirado en Google Zanzibar, para crear y gestionar permisos de aplicaciones cr\u00edticos para la seguridad. Cualquier usuario que tome una decisi\u00f3n de autorizaci\u00f3n negativa basada en los resultados de una solicitud \"LookupResources\" con la versi\u00f3n 1.22.0 se ve afectado. Por ejemplo, si se utiliza \"LookupResources\" para buscar una lista de recursos a los que permitir el acceso, no pasa nada: algunos sujetos que deber\u00edan tener acceso a un recurso pueden no tenerlo. Pero si en cambio se utiliza \"LookupResources\" para encontrar una lista de recursos prohibidos, entonces algunos usuarios que no deber\u00edan tener acceso podr\u00edan tenerlo. En general, \"LookupResources\" no sirve ni deberia servir para bloquear el acceso de esta forma: para eso est\u00e1 la API \"Check\". Adem\u00e1s, la versi\u00f3n 1.22.0 ha incluido una advertencia sobre este error desde su lanzamiento inicial. Se recomienda a los usuarios que actualicen a la versi\u00f3n 1.22.2. Los usuarios que no puedan actualizarse deber\u00edan evitar el uso de \"LookupResources\" para decisiones de autorizaci\u00f3n negativas. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,7 +60,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,16 +68,51 @@ "value": "CWE-913" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-913" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:authzed:spicedb:1.22.0:-:*:*:*:*:*:*", + "matchCriteriaId": "E0806B94-B9EA-450F-B6F7-FC89D60F39FD" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/authzed/spicedb/pull/1397", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/authzed/spicedb/security/advisories/GHSA-m54h-5x5f-5m6r", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35933.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35933.json index 3c1ecc2c10a..633293e431c 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35933.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35933.json @@ -2,16 +2,40 @@ "id": "CVE-2023-35933", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-26T20:15:10.580", - "lastModified": "2023-06-26T22:13:24.933", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:13:47.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "OPenFGA is an open source authorization/permission engine built for developers. OpenFGA versions v1.1.0 and prior are vulnerable to a DoS attack when Check and ListObjects calls are executed against authorization models that contain circular relationship definitions. Users are affected by this vulnerability if they are using OpenFGA v1.1.0 or earlier, and if you are executing `Check` or `ListObjects` calls against a vulnerable authorization model. Users are advised to upgrade to version 1.1.1. There are no known workarounds for this vulnerability. Users that do not have circular relationships in their models are not affected." + }, + { + "lang": "es", + "value": "OpenFGA es un motor de autorizaci\u00f3n/permiso de c\u00f3digo abierto creado para desarrolladores. Las versiones v1.1.0 y anteriores de OpenFGA son vulnerables a un ataque DoS cuando se ejecutan llamadas a \"Check\" y \"ListObjects\" contra modelos de autorizaci\u00f3n que contienen definiciones de relaciones circulares. Los usuarios se ven afectados por esta vulnerabilidad si utilizan OpenFGA v1.1.0 o anterior, y si se ejecutan llamadas \"Check\" o \"ListObjects\" contra un modelo de autorizaci\u00f3n vulnerable. Se recomienda a los usuarios que actualicen la versi\u00f3n 1.1.1. No se conocen soluciones para esta vulnerabilidad. Los usuarios que no tengan relaciones circulares en sus modelos no se ver\u00e1n afectados. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,22 +70,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openfga:openfga:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.1.1", + "matchCriteriaId": "9095E429-49EA-4877-9CE1-F014340AEA2F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openfga/openfga/commit/087ce392595f3c319ab3028b5089118ea4063452", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/openfga/openfga/security/advisories/GHSA-hr9r-8phq-5x8j", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://openfga.dev/api/service#/Relationship%20Queries/Check", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://openfga.dev/api/service#/Relationship%20Queries/ListObjects", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json new file mode 100644 index 00000000000..28cb07be392 --- /dev/null +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3528.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-3528", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-07-06T18:15:17.877", + "lastModified": "2023-07-06T18:15:17.877", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in ThinuTech ThinuCMS 1.5. It has been rated as critical. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument cat_id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-233252." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.233252", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.233252", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3529.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3529.json new file mode 100644 index 00000000000..566f96df631 --- /dev/null +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3529.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-3529", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-07-06T19:15:11.030", + "lastModified": "2023-07-06T19:15:11.030", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in Rotem Dynamics Rotem CRM up to 20230729. This affects an unknown part of the file /LandingPages/api/otp/send?id=[ID][ampersand]method=sms of the component OTP URI Interface. The manipulation leads to information exposure through discrepancy. It is possible to initiate the attack remotely. The identifier VDB-233253 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.233253", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.233253", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36456.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36456.json new file mode 100644 index 00000000000..4c4cc2967d5 --- /dev/null +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36456.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2023-36456", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-06T19:15:10.633", + "lastModified": "2023-07-06T19:15:10.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "authentik is an open-source Identity Provider. Prior to versions 2023.4.3 and 2023.5.5, authentik does not verify the source of the X-Forwarded-For and X-Real-IP headers, both in the Python code and the go code. Only authentik setups that are directly accessible by users without a reverse proxy are susceptible to this. Possible spoofing of IP addresses in logs, downstream applications proxied by (built in) outpost, IP bypassing in custom flows if used.\n\nThis poses a possible security risk when someone has flows or policies that check the user's IP address, e.g. when they want to ignore the user's 2 factor authentication when the user is connected to the company network. A second security risk is that the IP addresses in the logfiles and user sessions are not reliable anymore. Anybody can spoof this address and one cannot verify that the user has logged in from the IP address that is in their account's log. A third risk is that this header is passed on to the proxied application behind an outpost. The application may do any kind of verification, logging, blocking or rate limiting based on the IP address, and this IP address can be overridden by anybody that want to.\n\nVersions 2023.4.3 and 2023.5.5 contain a patch for this issue.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 8.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-436" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/goauthentik/authentik/commit/15026748d19d490eb2baf9a9566ead4f805f7dff", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/goauthentik/authentik/commit/c07a48a3eccbd7b23026f72136d3392bbc6f795a", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/goauthentik/authentik/security/advisories/GHSA-cmxp-jcw7-jjjv", + "source": "security-advisories@github.com" + }, + { + "url": "https://goauthentik.io/docs/releases/2023.4#fixed-in-202343", + "source": "security-advisories@github.com" + }, + { + "url": "https://goauthentik.io/docs/releases/2023.5#fixed-in-202355", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json new file mode 100644 index 00000000000..734e1e74a71 --- /dev/null +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36459.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2023-36459", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-06T19:15:10.727", + "lastModified": "2023-07-06T19:15:10.727", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 1.3 and prior to versions 3.5.9, 4.0.5, and 4.1.3, an attacker using carefully crafted oEmbed data can bypass the HTML sanitization performed by Mastodon and include arbitrary HTML in oEmbed preview cards. This introduces a vector for cross-site scripting (XSS) payloads that can be rendered in the user's browser when a preview card for a malicious link is clicked through. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.8 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/mastodon/mastodon/commit/6d8e0fae3e96f3cf4febe03fa7fcf5b95ff761b2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-ccm4-vgcc-73hp", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json new file mode 100644 index 00000000000..b35f6152f03 --- /dev/null +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36460.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2023-36460", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-06T19:15:10.807", + "lastModified": "2023-07-06T19:15:10.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 3.5.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, attackers using carefully crafted media files can cause Mastodon's media processing code to create arbitrary files at any location. This allows attackers to create and overwrite any file Mastodon has access to, allowing Denial of Service and arbitrary Remote Code Execution. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.9, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/mastodon/mastodon/commit/dc8f1fbd976ae544720a4e07120d9a91b2722440", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-9928-3cp5-93fm", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json new file mode 100644 index 00000000000..da4f321bed3 --- /dev/null +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36461.json @@ -0,0 +1,71 @@ +{ + "id": "CVE-2023-36461", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-07-06T19:15:10.880", + "lastModified": "2023-07-06T19:15:10.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mastodon is a free, open-source social network server based on ActivityPub. When performing outgoing HTTP queries, Mastodon sets a timeout on individual read operations. Prior to versions 3.5.9, 4.0.5, and 4.1.3, a malicious server can indefinitely extend the duration of the response through slowloris-type attacks. This vulnerability can be used to keep all Mastodon workers busy for an extended duration of time, leading to the server becoming unresponsive. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/mastodon/mastodon/commit/c5929798bf7e56cc2c79b15bed0c4692ded3dcb6", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v3.5.9", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v4.0.5", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/releases/tag/v4.1.3", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/mastodon/mastodon/security/advisories/GHSA-9pxv-6qvf-pjwc", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36487.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36487.json index 8f16fb66e6e..aeffa91f6df 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36487.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36487.json @@ -2,23 +2,90 @@ "id": "CVE-2023-36487", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T17:15:09.813", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T19:43:16.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The password reset function in ILIAS 7.0_beta1 through 7.20 and 8.0_beta1 through 8.1 allows remote attackers to take over the account." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0", + "versionEndIncluding": "7.20", + "matchCriteriaId": "02AC47CB-AFBD-467B-BF68-9F7B0FD3926E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0", + "versionEndIncluding": "8.1", + "matchCriteriaId": "AA10BD9A-59BA-4553-B4B2-DFD2120ADF89" + } + ] + } + ] + } + ], "references": [ { "url": "https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141694&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141703&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36617.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36617.json index 95dbad130ea..383eeccae2f 100644 --- a/CVE-2023/CVE-2023-366xx/CVE-2023-36617.json +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36617.json @@ -2,19 +2,83 @@ "id": "CVE-2023-36617", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T13:15:09.583", - "lastModified": "2023-06-29T15:35:43.220", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:34:41.793", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There is an increase in execution time for parsing strings to URI objects with rfc2396_parser.rb and rfc3986_parser.rb. NOTE: this issue exists becuse of an incomplete fix for CVE-2023-28755. Version 0.10.3 is also a fixed version." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1333" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ruby-lang:uri:*:*:*:*:*:ruby:*:*", + "versionEndExcluding": "0.10.3", + "matchCriteriaId": "06CEBB34-129C-4B37-97B8-AB07821FEF47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ruby-lang:uri:*:*:*:*:*:ruby:*:*", + "versionStartIncluding": "0.11.0", + "versionEndExcluding": "0.12.2", + "matchCriteriaId": "8975D88A-EAD0-4A3F-AB3E-1F768AAFFFBD" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.ruby-lang.org/en/news/2023/06/29/redos-in-uri-CVE-2023-36617/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36661.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36661.json index 33cc0d18535..57193f49d0c 100644 --- a/CVE-2023/CVE-2023-366xx/CVE-2023-36661.json +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36661.json @@ -2,23 +2,102 @@ "id": "CVE-2023-36661", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-25T22:15:21.403", - "lastModified": "2023-06-27T08:15:11.477", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:02:31.260", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed in, for example, Shibboleth Service Provider 3.4.1.3 on Windows.)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:shibboleth:xmltooling:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.2.4", + "matchCriteriaId": "E3512E07-8E7D-4F42-B5CF-D689C1999E7B" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + } + ], "references": [ { "url": "https://shibboleth.net/community/advisories/secadv_20230612.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5432", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36664.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36664.json index 2f540b251ec..7847a452e67 100644 --- a/CVE-2023/CVE-2023-366xx/CVE-2023-36664.json +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36664.json @@ -2,31 +2,119 @@ "id": "CVE-2023-36664", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-25T22:15:21.463", - "lastModified": "2023-07-04T04:15:11.237", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-07-06T18:00:48.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Artifex Ghostscript through 10.01.2 mishandles permission validation for pipe devices (with the %pipe% prefix or the | pipe character prefix)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "versionEndIncluding": "10.01.2", + "matchCriteriaId": "E6D70C21-E523-4DC9-AB91-E44E17296341" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706761", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Permissions Required" + ] }, { "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0974e4f2ac0005d3731e0b5c13ebc7e965540f4d", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=505eab7782b429017eb434b2b95120855f2b0e3c", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5446", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37251.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37251.json index b7c19e439a7..c160a31065d 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37251.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37251.json @@ -2,19 +2,75 @@ "id": "CVE-2023-37251", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:09.947", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:45:16.053", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the GoogleAnalyticsMetrics extension for MediaWiki through 1.39.3. The googleanalyticstrackurl parser function does not properly escape JavaScript in the onclick handler and does not prevent use of javascript: URLs." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://phabricator.wikimedia.org/T333980", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37254.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37254.json index e79add0b859..8b958bfbb80 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37254.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37254.json @@ -2,19 +2,76 @@ "id": "CVE-2023-37254", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:10.000", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:45:09.180", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. XSS can occur in Special:CargoQuery via a crafted page item when using the default format." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://phabricator.wikimedia.org/T331065", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37255.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37255.json index 73b5a7b03f1..e5fc298c275 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37255.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37255.json @@ -2,19 +2,76 @@ "id": "CVE-2023-37255", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:10.043", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:45:01.657", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3. In Special:CheckUser, a check of the \"get edits\" type is vulnerable to HTML injection through the User-Agent HTTP request header." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://phabricator.wikimedia.org/T333569", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37256.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37256.json index fc80ceba983..d0d0d3a1d65 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37256.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37256.json @@ -2,19 +2,76 @@ "id": "CVE-2023-37256", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-29T16:15:10.087", - "lastModified": "2023-06-29T18:16:42.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:44:48.213", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. It allows one to store javascript: URLs in URL fields, and automatically links these URLs." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.39.3", + "matchCriteriaId": "DEA20A42-6E1A-4DA2-8869-A49894256285" + } + ] + } + ] + } + ], "references": [ { "url": "https://phabricator.wikimedia.org/T331311", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37298.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37298.json index a86a9ef2ddf..472cb1499ed 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37298.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37298.json @@ -2,27 +2,89 @@ "id": "CVE-2023-37298", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T15:15:09.007", - "lastModified": "2023-06-30T15:29:21.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:54:56.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Joplin before 2.11.5 allows XSS via a USE element in an SVG document." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joplin_project:joplin:*:*:*:*:*:-:*:*", + "versionEndExcluding": "2.11.5", + "matchCriteriaId": "BD2AEC11-397F-4C85-AA33-BCA9DFEBB263" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/laurent22/joplin/commit/caf66068bfc474bbfd505013076ed173cd90ca83", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/laurent22/joplin/releases/tag/v2.11.5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://vuln.ryotak.net/advisories/69", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37299.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37299.json index 085a2359f14..e8910fe97b5 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37299.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37299.json @@ -2,27 +2,89 @@ "id": "CVE-2023-37299", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-30T15:15:09.053", - "lastModified": "2023-06-30T15:29:21.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-06T18:54:42.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Joplin before 2.11.5 allows XSS via an AREA element of an image map." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:joplin_project:joplin:*:*:*:*:*:-:*:*", + "versionEndExcluding": "2.11.5", + "matchCriteriaId": "BD2AEC11-397F-4C85-AA33-BCA9DFEBB263" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/laurent22/joplin/commit/9e90d9016daf79b5414646a93fd369aedb035071", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/laurent22/joplin/releases/tag/v2.11.5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://vuln.ryotak.net/advisories/68", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 30c3d5ad3d0..f336aa104b4 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-06T18:00:36.431474+00:00 +2023-07-06T20:00:34.265320+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-06T17:54:23.273000+00:00 +2023-07-06T19:55:47.750000+00:00 ``` ### Last Data Feed Release @@ -29,56 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -219411 +219418 ``` ### CVEs added in the last Commit -Recently added CVEs: `12` +Recently added CVEs: `7` -* [CVE-2023-29381](CVE-2023/CVE-2023-293xx/CVE-2023-29381.json) (`2023-07-06T16:15:09.800`) -* [CVE-2023-29382](CVE-2023/CVE-2023-293xx/CVE-2023-29382.json) (`2023-07-06T16:15:09.853`) -* [CVE-2023-30319](CVE-2023/CVE-2023-303xx/CVE-2023-30319.json) (`2023-07-06T16:15:09.903`) -* [CVE-2023-30320](CVE-2023/CVE-2023-303xx/CVE-2023-30320.json) (`2023-07-06T16:15:09.950`) -* [CVE-2023-30321](CVE-2023/CVE-2023-303xx/CVE-2023-30321.json) (`2023-07-06T16:15:09.997`) -* [CVE-2023-34192](CVE-2023/CVE-2023-341xx/CVE-2023-34192.json) (`2023-07-06T16:15:10.047`) -* [CVE-2023-34193](CVE-2023/CVE-2023-341xx/CVE-2023-34193.json) (`2023-07-06T16:15:10.100`) -* [CVE-2023-36823](CVE-2023/CVE-2023-368xx/CVE-2023-36823.json) (`2023-07-06T16:15:10.147`) -* [CVE-2023-36830](CVE-2023/CVE-2023-368xx/CVE-2023-36830.json) (`2023-07-06T16:15:10.227`) -* [CVE-2023-37260](CVE-2023/CVE-2023-372xx/CVE-2023-37260.json) (`2023-07-06T16:15:10.303`) -* [CVE-2023-37453](CVE-2023/CVE-2023-374xx/CVE-2023-37453.json) (`2023-07-06T17:15:14.187`) -* [CVE-2023-37454](CVE-2023/CVE-2023-374xx/CVE-2023-37454.json) (`2023-07-06T17:15:14.240`) +* [CVE-2023-1298](CVE-2023/CVE-2023-12xx/CVE-2023-1298.json) (`2023-07-06T18:15:10.497`) +* [CVE-2023-3528](CVE-2023/CVE-2023-35xx/CVE-2023-3528.json) (`2023-07-06T18:15:17.877`) +* [CVE-2023-36456](CVE-2023/CVE-2023-364xx/CVE-2023-36456.json) (`2023-07-06T19:15:10.633`) +* [CVE-2023-36459](CVE-2023/CVE-2023-364xx/CVE-2023-36459.json) (`2023-07-06T19:15:10.727`) +* [CVE-2023-36460](CVE-2023/CVE-2023-364xx/CVE-2023-36460.json) (`2023-07-06T19:15:10.807`) +* [CVE-2023-36461](CVE-2023/CVE-2023-364xx/CVE-2023-36461.json) (`2023-07-06T19:15:10.880`) +* [CVE-2023-3529](CVE-2023/CVE-2023-35xx/CVE-2023-3529.json) (`2023-07-06T19:15:11.030`) ### CVEs modified in the last Commit -Recently modified CVEs: `87` +Recently modified CVEs: `119` -* [CVE-2023-25111](CVE-2023/CVE-2023-251xx/CVE-2023-25111.json) (`2023-07-06T17:15:12.943`) -* [CVE-2023-25112](CVE-2023/CVE-2023-251xx/CVE-2023-25112.json) (`2023-07-06T17:15:13.017`) -* [CVE-2023-25113](CVE-2023/CVE-2023-251xx/CVE-2023-25113.json) (`2023-07-06T17:15:13.087`) -* [CVE-2023-25114](CVE-2023/CVE-2023-251xx/CVE-2023-25114.json) (`2023-07-06T17:15:13.157`) -* [CVE-2023-25115](CVE-2023/CVE-2023-251xx/CVE-2023-25115.json) (`2023-07-06T17:15:13.227`) -* [CVE-2023-25116](CVE-2023/CVE-2023-251xx/CVE-2023-25116.json) (`2023-07-06T17:15:13.300`) -* [CVE-2023-25117](CVE-2023/CVE-2023-251xx/CVE-2023-25117.json) (`2023-07-06T17:15:13.370`) -* [CVE-2023-25118](CVE-2023/CVE-2023-251xx/CVE-2023-25118.json) (`2023-07-06T17:15:13.440`) -* [CVE-2023-25119](CVE-2023/CVE-2023-251xx/CVE-2023-25119.json) (`2023-07-06T17:15:13.513`) -* [CVE-2023-25120](CVE-2023/CVE-2023-251xx/CVE-2023-25120.json) (`2023-07-06T17:15:13.587`) -* [CVE-2023-25121](CVE-2023/CVE-2023-251xx/CVE-2023-25121.json) (`2023-07-06T17:15:13.657`) -* [CVE-2023-25122](CVE-2023/CVE-2023-251xx/CVE-2023-25122.json) (`2023-07-06T17:15:13.730`) -* [CVE-2023-25123](CVE-2023/CVE-2023-251xx/CVE-2023-25123.json) (`2023-07-06T17:15:13.807`) -* [CVE-2023-25124](CVE-2023/CVE-2023-251xx/CVE-2023-25124.json) (`2023-07-06T17:15:13.880`) -* [CVE-2023-25582](CVE-2023/CVE-2023-255xx/CVE-2023-25582.json) (`2023-07-06T17:15:13.953`) -* [CVE-2023-25583](CVE-2023/CVE-2023-255xx/CVE-2023-25583.json) (`2023-07-06T17:15:14.030`) -* [CVE-2023-26613](CVE-2023/CVE-2023-266xx/CVE-2023-26613.json) (`2023-07-06T17:15:14.107`) -* [CVE-2023-34843](CVE-2023/CVE-2023-348xx/CVE-2023-34843.json) (`2023-07-06T17:17:27.053`) -* [CVE-2023-33566](CVE-2023/CVE-2023-335xx/CVE-2023-33566.json) (`2023-07-06T17:26:08.160`) -* [CVE-2023-33567](CVE-2023/CVE-2023-335xx/CVE-2023-33567.json) (`2023-07-06T17:33:34.017`) -* [CVE-2023-1602](CVE-2023/CVE-2023-16xx/CVE-2023-1602.json) (`2023-07-06T17:36:03.250`) -* [CVE-2023-3357](CVE-2023/CVE-2023-33xx/CVE-2023-3357.json) (`2023-07-06T17:45:06.373`) -* [CVE-2023-34418](CVE-2023/CVE-2023-344xx/CVE-2023-34418.json) (`2023-07-06T17:52:45.680`) -* [CVE-2023-1783](CVE-2023/CVE-2023-17xx/CVE-2023-1783.json) (`2023-07-06T17:53:33.903`) -* [CVE-2023-36662](CVE-2023/CVE-2023-366xx/CVE-2023-36662.json) (`2023-07-06T17:54:23.273`) +* [CVE-2023-3479](CVE-2023/CVE-2023-34xx/CVE-2023-3479.json) (`2023-07-06T18:50:34.680`) +* [CVE-2023-3477](CVE-2023/CVE-2023-34xx/CVE-2023-3477.json) (`2023-07-06T18:50:58.493`) +* [CVE-2023-3476](CVE-2023/CVE-2023-34xx/CVE-2023-3476.json) (`2023-07-06T18:51:15.307`) +* [CVE-2023-34831](CVE-2023/CVE-2023-348xx/CVE-2023-34831.json) (`2023-07-06T18:52:42.250`) +* [CVE-2023-37299](CVE-2023/CVE-2023-372xx/CVE-2023-37299.json) (`2023-07-06T18:54:42.910`) +* [CVE-2023-37298](CVE-2023/CVE-2023-372xx/CVE-2023-37298.json) (`2023-07-06T18:54:56.713`) +* [CVE-2023-3249](CVE-2023/CVE-2023-32xx/CVE-2023-3249.json) (`2023-07-06T18:57:05.560`) +* [CVE-2023-3063](CVE-2023/CVE-2023-30xx/CVE-2023-3063.json) (`2023-07-06T18:57:21.283`) +* [CVE-2023-1150](CVE-2023/CVE-2023-11xx/CVE-2023-1150.json) (`2023-07-06T18:58:33.670`) +* [CVE-2023-35169](CVE-2023/CVE-2023-351xx/CVE-2023-35169.json) (`2023-07-06T19:01:47.627`) +* [CVE-2023-2834](CVE-2023/CVE-2023-28xx/CVE-2023-2834.json) (`2023-07-06T19:03:08.023`) +* [CVE-2023-34599](CVE-2023/CVE-2023-345xx/CVE-2023-34599.json) (`2023-07-06T19:05:10.733`) +* [CVE-2023-26965](CVE-2023/CVE-2023-269xx/CVE-2023-26965.json) (`2023-07-06T19:15:09.980`) +* [CVE-2023-2183](CVE-2023/CVE-2023-21xx/CVE-2023-2183.json) (`2023-07-06T19:15:10.047`) +* [CVE-2023-2454](CVE-2023/CVE-2023-24xx/CVE-2023-2454.json) (`2023-07-06T19:15:10.143`) +* [CVE-2023-2455](CVE-2023/CVE-2023-24xx/CVE-2023-2455.json) (`2023-07-06T19:15:10.233`) +* [CVE-2023-2700](CVE-2023/CVE-2023-27xx/CVE-2023-2700.json) (`2023-07-06T19:15:10.307`) +* [CVE-2023-2801](CVE-2023/CVE-2023-28xx/CVE-2023-2801.json) (`2023-07-06T19:15:10.383`) +* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-07-06T19:15:10.460`) +* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-07-06T19:15:10.557`) +* [CVE-2023-3141](CVE-2023/CVE-2023-31xx/CVE-2023-3141.json) (`2023-07-06T19:15:10.957`) +* [CVE-2023-22886](CVE-2023/CVE-2023-228xx/CVE-2023-22886.json) (`2023-07-06T19:32:59.063`) +* [CVE-2023-34598](CVE-2023/CVE-2023-345xx/CVE-2023-34598.json) (`2023-07-06T19:38:44.117`) +* [CVE-2023-36487](CVE-2023/CVE-2023-364xx/CVE-2023-36487.json) (`2023-07-06T19:43:16.007`) +* [CVE-2023-26434](CVE-2023/CVE-2023-264xx/CVE-2023-26434.json) (`2023-07-06T19:55:47.750`) ## Download and Usage