admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-05T18:00:34.099372+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-05 18:00:37 +00:00
parent 9c9c28a43d
commit 14970549d3
57 changed files with 6708 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2020/CVE-2020-184xx/CVE-2020-18406.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-18406",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T20:15:09.297",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:30:16.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in cmseasy v7.0.0 that allows user credentials to be sent in clear text due to no encryption of form data."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmseasy:cmseasy:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "257A2C1D-2B8E-4FCC-8EA9-0DAFA7F50E56"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/source-hunter/cmseasy/issues/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

64
CVE-2020/CVE-2020-184xx/CVE-2020-18410.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-18410",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T20:15:09.373",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:30:47.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A stored cross site scripting (XSS) vulnerability in /index.php?admin-master-article-edit of Chaoji CMS v2.18 that allows attackers to obtain administrator privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaoji_cms_project:chaoji_cms:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DA483300-3FE3-4249-AC6D-C38BD441A68E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GodEpic/chaojicms/issues/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

64
CVE-2020/CVE-2020-184xx/CVE-2020-18413.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-18413",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T20:15:09.423",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:30:58.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stored cross site scripting (XSS) vulnerability in /index.php?admin-master-navmenu-add of Chaoji CMS v2.18 that allows attackers to execute arbitrary code."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chaoji_cms_project:chaoji_cms:2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "DA483300-3FE3-4249-AC6D-C38BD441A68E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GodEpic/chaojicms/issues/5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

64
CVE-2020/CVE-2020-184xx/CVE-2020-18416.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-18416",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T20:15:09.473",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:31:42.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jyuu:jymusic:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88EBD3D3-D623-4110-B7B6-AFBC535172E5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dtorp06/jymusic/issues/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

69
CVE-2020/CVE-2020-184xx/CVE-2020-18418.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-18418",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T19:15:09.047",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:27:21.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:feifeicms:feifeicms:4.1.190209:*:*:*:*:*:*:*",
"matchCriteriaId": "00C51B19-3F7B-44D9-B7D1-61CD14AB2045"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/FeiFeiCMS_4.1_csrf.doc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/GodEpic/Vulnerability-detection/blob/master/feifeicms/poc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

20
CVE-2020/CVE-2020-259xx/CVE-2020-25969.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-25969",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T17:15:09.213",
"lastModified": "2023-07-05T17:15:09.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest()."
}
],
"metrics": {},
"references": [
{
"url": "https://sourceforge.net/p/gnuplot/bugs/2311/",
"source": "cve@mitre.org"
}
]
}

4
CVE-2021/CVE-2021-468xx/CVE-2021-46891.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46891",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T13:15:09.413",
"lastModified": "2023-07-05T13:15:09.413",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:43.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-468xx/CVE-2021-46893.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-46893",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T13:15:09.467",
"lastModified": "2023-07-05T13:15:09.467",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

68
CVE-2023/CVE-2023-20xx/CVE-2023-2005.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2005",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-06-26T18:15:09.580",
"lastModified": "2023-06-26T22:13:28.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:16:12.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
@ -34,10 +54,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tenable:nessus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EEA2071-B520-44B1-9320-198E3D264721"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tenable:securitycenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "772F9C28-5F96-4962-B2A4-2045B3C82008"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tenable:tenable.io:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6C740060-086C-4893-BAF2-6BB423252956"
}
]
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/tns-2023-21",
"source": "vulnreport@tenable.com"
"source": "vulnreport@tenable.com",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-225xx/CVE-2023-22593.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22593",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T19:15:09.187",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:28:23.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,72 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "21.0.1",
"versionEndIncluding": "21.0.7.3",
"matchCriteriaId": "B5BAAF00-D394-4243-807A-A6D41125EC4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndIncluding": "23.0.3",
"matchCriteriaId": "F513AA2B-F457-408B-8D5F-EBE657439000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F08E234C-BDCF-4B41-87B9-96BD5578CBBF"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244074",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7006001",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

2888
CVE-2023/CVE-2023-22xx/CVE-2023-2290.json
View File

File diff suppressed because it is too large Load Diff

86
CVE-2023/CVE-2023-234xx/CVE-2023-23468.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23468",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T19:15:09.293",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:28:41.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,72 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "21.0.1",
"versionEndIncluding": "21.0.7.3",
"matchCriteriaId": "B5BAAF00-D394-4243-807A-A6D41125EC4B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndIncluding": "23.0.3",
"matchCriteriaId": "F513AA2B-F457-408B-8D5F-EBE657439000"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F08E234C-BDCF-4B41-87B9-96BD5578CBBF"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244500",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7005999",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

429
CVE-2023/CVE-2023-250xx/CVE-2023-25004.json
View File

@ -2,19 +2,440 @@
"id": "CVE-2023-25004",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2023-06-27T19:15:09.383",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:29:14.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.2",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.5",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.4",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.3.1",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.5",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.3",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.4",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.2",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.8",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.4",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
"source": "psirt@autodesk.com"
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-253xx/CVE-2023-25399.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-25399",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T17:15:09.320",
"lastModified": "2023-07-05T17:15:09.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function."
}
],
"metrics": {},
"references": [
{
"url": "http://www.square16.org/achievement/cve-2023-25399/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/scipy/scipy/issues/16235",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/scipy/scipy/pull/16397",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-25xx/CVE-2023-2538.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2538",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-07-05T13:15:09.540",
"lastModified": "2023-07-05T13:15:09.540",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

100
CVE-2023/CVE-2023-262xx/CVE-2023-26274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26274",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T18:15:12.717",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:26:09.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,76 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "289027A2-178C-45DE-A86F-1207F23D13B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "5047AECF-879B-427A-ACF7-ECB10965E1B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "CD448AB8-E3CC-41A1-9D32-B1B35C68FA5C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248144",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7006085",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

100
CVE-2023/CVE-2023-262xx/CVE-2023-26276.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26276",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T18:15:12.783",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:26:24.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,76 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "289027A2-178C-45DE-A86F-1207F23D13B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "5047AECF-879B-427A-ACF7-ECB10965E1B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "CD448AB8-E3CC-41A1-9D32-B1B35C68FA5C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248147",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7006081",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-273xx/CVE-2023-27390.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-27390",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-05T16:15:09.507",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1744",
"source": "talos-cna@cisco.com"
}
]
}

463
CVE-2023/CVE-2023-274xx/CVE-2023-27465.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27465",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:16.557",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:48:25.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,437 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d425-2_dp_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "0A65B54E-FE29-4352-8BA4-60C2F23F87F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d425-2_dp_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "B6979F0F-FA12-422F-938D-0C84D39F69E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d425-2_dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFD83F3F-CF11-44D9-8F9C-0B8D33BC3481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d425-2_dp\\/pn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "50C77E0A-9C5D-43EA-9157-C94CF4ACBE98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d425-2_dp\\/pn_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "35BA3146-E138-48C5-BAFB-36FF795C8591"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d425-2_dp\\/pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A007F9C-B6E3-4606-A7C2-B78E5F51C9BF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d435-2_dp_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "848DE61E-A4F9-4368-82AB-EA6FCD369EDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d435-2_dp_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "EC2302CA-AD84-4FE8-98EA-7764A5B8978B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d435-2_dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80932D46-6182-4B9D-9A66-BC381052DBF8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d435-2_dp\\/pn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "FE2ACB98-373C-471C-B5A7-8D1BE59BBDA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d435-2_dp\\/pn_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "AB781258-8A47-4388-A115-68ACF6CFD420"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d435-2_dp\\/pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3371CB24-AB41-44C7-93B7-78E2BD171D42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d445-2_dp\\/pn_\\(0aa1\\)_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "B9B8C9F9-9474-4153-8CCA-60308E13543D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d445-2_dp\\/pn_\\(0aa1\\)_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "117C8E63-C09D-412C-9B68-F2C72A8CCEDD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d445-2_dp\\/pn_\\(0aa1\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC9044F0-7E54-4C66-8613-A440B71D9D0D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d445-2_dp\\/pn_\\(0aa0\\)_firmware:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9D8FBD-E8E7-43E1-922F-973851E0D160"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d445-2_dp\\/pn_\\(0aa0\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "05D488BB-E0B5-46DF-B303-98524A39EEC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d455-2_dp\\/pn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "9CB06BE4-AA5C-4367-B34F-BB3FC17B9470"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d455-2_dp\\/pn_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "995B8740-C501-4448-9D22-4D115FAAE543"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d455-2_dp\\/pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "53FBAAA1-4012-463D-864B-C7BEAE15093E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_p320-4_e_firmware:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2C90B0F9-BBC8-417E-98FD-30BC069E769D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_p320-4_e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80DFB571-E3FA-44AA-B81C-AC7E13FFCB01"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_p320-4_s_firmware:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D49AFE41-D93E-4488-A5CB-AC48BB5921D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_p320-4_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4849FE93-67D0-496F-B47D-5035FF902540"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d410-2_dp_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "91C51B40-4344-4796-AF7B-9F85D255A113"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d410-2_dp_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "E2E25B36-BB4D-40B6-91A2-FC344E063B45"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d410-2_dp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2899391-D29A-4C95-A795-1B7EADCDF799"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d410-2_dp\\/pn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "52950381-7B46-46F7-9B44-0313EA47EA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_d410-2_dp\\/pn_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "BFA771D3-A08F-4690-853D-F07B47EC83AE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_d410-2_dp\\/pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C5013B-BE8F-4635-9F7E-006EE737A4A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_c240_pn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "625A4A2B-37BB-4534-B1DD-3B18862F97BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_c240_pn_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "2BE0D94D-FFF4-4913-9376-A3389579CC70"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_c240_pn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2355A13D-6E84-4F35-8BE6-223C086E3719"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_c240_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.5",
"matchCriteriaId": "94035BD3-584A-4F93-A9AB-75A32F1628E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simotion_c240_firmware:5.5:-:*:*:*:*:*:*",
"matchCriteriaId": "6E8FF00E-5125-4CD8-BD83-9F595ABA3B11"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simotion_c240:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48B461ED-4B04-4EC2-B88E-F50D53509B1D"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-482956.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-288xx/CVE-2023-28829.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28829",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:16.707",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:36:45.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34A1F08A-1269-44F0-8B10-70A41F9306B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_net_pc_software:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "79A56438-47FC-4184-9401-0B859037D0F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "3EEF9BE1-F6E2-4C05-8020-4D7540882464"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A42E3FB0-6C66-4702-BDC8-39EEA54B5C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_pcs_7:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "0D25510C-F677-4A98-806C-FF644F11EEC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:simatic_wincc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0",
"matchCriteriaId": "D7E53AD8-C669-4E1F-9519-4DED57668766"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sinaut_st7sc:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C162C7-AC9A-44E3-BAE5-1C0D434F264B"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-508677.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-289xx/CVE-2023-28988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28988",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:09.127",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:52:50.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwebsolution:add-to-cart-direct-checkout-for-woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.48",
"matchCriteriaId": "F4528BA8-75BD-4FB3-9FA4-A2C38CD1CE78"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/add-to-cart-direct-checkout-for-woocommerce/wordpress-direct-checkout-add-to-cart-redirect-for-woocommerce-plugin-2-1-48-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-289xx/CVE-2023-28991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28991",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:10.187",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:52:33.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwebsolution:pi-woocommerce-order-date-time-and-type:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.19",
"matchCriteriaId": "F9BE3BB6-F6AF-4643-A1BC-423026468D48"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pi-woocommerce-order-date-time-and-type/wordpress-order-date-time-for-woocommerce-plugin-3-0-19-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

429
CVE-2023/CVE-2023-290xx/CVE-2023-29068.json
View File

@ -2,19 +2,440 @@
"id": "CVE-2023-29068",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2023-06-27T19:15:09.457",
"lastModified": "2023-06-27T20:45:06.090",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:29:40.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2020",
"versionEndExcluding": "2020.1.6",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.3",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1.3",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1.1",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.2",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.1",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.1",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.5",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.4",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.3.1",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.5",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.3",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2022",
"versionEndExcluding": "2022.4",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.2",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2021",
"versionEndExcluding": "2021.1.8",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023",
"versionEndExcluding": "2023.4",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
"source": "psirt@autodesk.com"
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-291xx/CVE-2023-29129.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29129",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:16.767",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:02:50.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.16.4",
"versionEndExcluding": "1.18.0",
"matchCriteriaId": "ACDDF077-AA8C-4C06-9CE4-9816A2C0D0D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "2.4.0",
"matchCriteriaId": "C51EC049-8523-42C1-84FB-AAD63944C06D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mendix:saml:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.8",
"versionEndExcluding": "3.6.1",
"matchCriteriaId": "AB89301A-0D96-4941-B2EE-994BAED23B2A"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-851884.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

265
CVE-2023/CVE-2023-29xx/CVE-2023-2992.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2992",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-06-26T20:15:09.933",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:27:57.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +76,239 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fhet60b-3.40",
"matchCriteriaId": "E20036ED-CC11-4093-847B-E324D5D18B04"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21BACC24-DDE4-4016-97DE-60C51E5F1AC6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "7813CA0F-7081-4B35-A502-D7E960121989"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE24C16-2F33-4BD1-8E0F-8AB009842AB6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "C29AD224-2715-4B91-8F17-244C396833AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEF2683-FE65-4600-818F-25867008381E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "4A26434A-500B-4B9C-8880-E975167448EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_enclosure_certified_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B43352-1245-46E2-A167-47B2E629BFA7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "BECD4703-45C9-4A7A-9F39-E1BE738A6E21"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C425D71A-19B5-4983-B95C-B5CB6EB7C065"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "F17F2C1C-0F16-49A0-B84E-DDE31CD33D38"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A78D856-B4DF-4B79-9901-434AE6FCE240"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "umsm10s-1.07",
"matchCriteriaId": "1D8F59EB-B8B7-4472-848E-4236C308244C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinksystem_da240_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A2C8EE-897D-4A4A-A9EB-AEEDA427D0C8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "umsm10s-1.07",
"matchCriteriaId": "F7A82172-9767-4BB1-A399-082572B03002"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinksystem_dw612_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC0CC24-36CA-4C52-B149-F5FD48D8BB8A"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

265
CVE-2023/CVE-2023-29xx/CVE-2023-2993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2993",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-06-26T20:15:10.000",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:30:11.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +76,239 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:nextscale_n1200_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "fhet60b-3.40",
"matchCriteriaId": "E20036ED-CC11-4093-847B-E324D5D18B04"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:nextscale_n1200_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21BACC24-DDE4-4016-97DE-60C51E5F1AC6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "7813CA0F-7081-4B35-A502-D7E960121989"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CE24C16-2F33-4BD1-8E0F-8AB009842AB6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_cp-cb-10e_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "C29AD224-2715-4B91-8F17-244C396833AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_cp-cb-10e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEF2683-FE65-4600-818F-25867008381E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_hx_enclosure_certified_node_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "4A26434A-500B-4B9C-8880-E975167448EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_hx_enclosure_certified_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41B43352-1245-46E2-A167-47B2E629BFA7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkagile_vx_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "BECD4703-45C9-4A7A-9F39-E1BE738A6E21"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkagile_vx_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C425D71A-19B5-4983-B95C-B5CB6EB7C065"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinksystem_d2_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "tesm38c-1.26",
"matchCriteriaId": "F17F2C1C-0F16-49A0-B84E-DDE31CD33D38"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinksystem_d2_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8A78D856-B4DF-4B79-9901-434AE6FCE240"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinksystem_da240_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "umsm10s-1.07",
"matchCriteriaId": "1D8F59EB-B8B7-4472-848E-4236C308244C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinksystem_da240_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A2C8EE-897D-4A4A-A9EB-AEEDA427D0C8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinksystem_dw612_enclosure_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "umsm10s-1.07",
"matchCriteriaId": "F7A82172-9767-4BB1-A399-082572B03002"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinksystem_dw612_enclosure:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0EC0CC24-36CA-4C52-B149-F5FD48D8BB8A"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-127357",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-307xx/CVE-2023-30757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30757",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:17.323",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:01:26.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD9E56C-D5F9-4AAB-AD73-F7DF5D630BF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:15:*:*:*:*:*:*:*",
"matchCriteriaId": "A5BC801E-9D78-4CD4-A457-00ABD5991515"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:15.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C36F0E09-C1BB-4ED2-9008-99DC761FDFAA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:16:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1E7FB1-03AF-4AF0-B1A6-3AF65C818596"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:17:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0C3283-1FEA-4054-9D48-5F683FA9E4FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:totally_integrated_automation_portal:18:*:*:*:*:*:*:*",
"matchCriteriaId": "68C7D9A3-9304-4A81-A970-717E5BA1ECF1"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-042050.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-30xx/CVE-2023-3089.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3089",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-05T13:15:09.707",
"lastModified": "2023-07-05T13:15:09.707",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-311xx/CVE-2023-31194.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31194",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-05T16:15:09.600",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An access violation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.4,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1745",
"source": "talos-cna@cisco.com"
}
]
}

8
CVE-2023/CVE-2023-320xx/CVE-2023-32019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32019",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:11.507",
"lastModified": "2023-06-20T20:17:29.043",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-05T17:15:09.380",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -159,6 +159,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173310/Windows-Kernel-KTM-Registry-Transactions-Non-Atomic-Outcomes.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32019",
"source": "secure@microsoft.com",

74
CVE-2023/CVE-2023-331xx/CVE-2023-33176.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33176",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-26T20:15:10.063",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:49:17.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,26 +66,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.18",
"matchCriteriaId": "3B7CCA1A-4A56-43B9-A9AA-BB999FB98A72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bigbluebutton:bigbluebutton:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.9",
"matchCriteriaId": "55138784-E1EC-452E-8534-460BBB2A0C7C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/43394dade595d0707384e4878357901537352415",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/commit/b18aff32e65a47f1eb2c800e86dcfc7a8fb05e71",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18045",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/pull/18052",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/bigbluebutton/bigbluebutton/security/advisories/GHSA-3q22-hph2-cff7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-334xx/CVE-2023-33404.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-33404",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T20:15:10.137",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T17:35:32.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blogengine:blogengine.net:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.8.0",
"matchCriteriaId": "FF6301ED-2F5D-40E7-8620-67405198A2A2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hacip/CVE-2023-33404",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-335xx/CVE-2023-33565.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-33565",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T19:15:09.047",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:38:44.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ROS2 (Robot Operating System 2) Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 are vulnerable to Denial-of-Service (DoS) attacks. A malicious user potentially exploited the vulnerability remotely and crashed the ROS2 nodes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openrobotics:robot_operating_system:2:foxy:*:*:*:*:*:*",
"matchCriteriaId": "53A6F65F-8E6F-4F7E-B357-0D2E450667B1"
}
]
}
]
}
],
"references": [
{
"url": "https://dl.acm.org/doi/abs/10.1145/3573910.3573912",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/16yashpatel/CVE-2023-33565",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-335xx/CVE-2023-33584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33584",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T13:15:10.117",
"lastModified": "2023-06-27T12:41:36.247",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-05T17:15:09.477",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
"VDB Entry"
]
},
{
"url": "https://www.exploit-db.com/exploits/51501",
"source": "cve@mitre.org"
},
{
"url": "https://www.sourcecodester.com/php/14444/enrollment-system-project-source-code-using-phpmysql.html",
"source": "cve@mitre.org",

64
CVE-2023/CVE-2023-340xx/CVE-2023-34098.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34098",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-27T17:15:09.683",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:25:47.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shopware:shopware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6.0",
"versionEndExcluding": "5.7.18",
"matchCriteriaId": "53316913-DCF1-4ED6-B9D6-05867CD86BCF"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-06-2023",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/shopware/shopware/security/advisories/GHSA-q97c-2mh3-pgw9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/shopware5/shopware/commit/b3518c8d9562a38615d638f31f79829f6e2f4b6a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.shopware.com/en/changelog-sw5/#5-7-18",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}
]
}

53
CVE-2023/CVE-2023-342xx/CVE-2023-34254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34254",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.320",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:53:39.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:glpi-project:glpi_agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5",
"matchCriteriaId": "61E24923-A3CC-409A-8405-02BE07A10300"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/glpi-project/glpi-agent/blob/dd313ee0914becf74c0e48cb512765210043b478/Changes#L98",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/glpi-project/glpi-agent/security/advisories/GHSA-39vc-hxgm-j465",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-344xx/CVE-2023-34460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34460",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T20:15:09.147",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:13:13.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,69 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tauri:tauri:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB02A4BD-CF71-49AE-943F-469EB7328175"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tauri-apps/tauri/commit/066c09a6ea06f42f550d090715e06beb65cd5564",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/tauri-apps/tauri/pull/6969#discussion_r1232018347",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/tauri-apps/tauri/pull/7227",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/tauri-apps/tauri/security/advisories/GHSA-wmff-grcw-jcfm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-346xx/CVE-2023-34673.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-34673",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T19:15:09.140",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:30:36.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC76559-2E3D-4749-A709-F8735AFCA18B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "202EBB13-21FD-4F02-A3F7-A9980EB6EDDB"
}
]
}
]
}
],
"references": [
{
"url": "http://elenos.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34673",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-34xx/CVE-2023-3455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3455",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T13:15:09.770",
"lastModified": "2023-07-05T13:15:09.770",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

57
CVE-2023/CVE-2023-351xx/CVE-2023-35167.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35167",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T20:15:09.227",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:17:49.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:remult:remult:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "0.20.6",
"matchCriteriaId": "AD3B9675-5858-4D19-BAC9-FB474B5A650D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/remult/remult/commit/6892ae97134126d8710ef7302bb2fc37730994c5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/remult/remult/releases/tag/v0.20.6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/remult/remult/security/advisories/GHSA-7hh3-3x64-v2g9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-358xx/CVE-2023-35801.json
View File

@ -2,27 +2,90 @@
"id": "CVE-2023-35801",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T06:15:11.767",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:22:22.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal vulnerability in Safe Software FME Server before 2022.2.5 allows an attacker to bypass validation when editing a network-based resource connection, resulting in the unauthorized reading and writing of arbitrary files. Successful exploitation requires an attacker to have access to a user account with write privileges. FME Flow 2023.0 is also a fixed version."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:safe:fme_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022.2.5",
"matchCriteriaId": "4D210294-1F30-46B3-ABD2-A3D77D270863"
}
]
}
]
}
],
"references": [
{
"url": "https://community.safe.com/s/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://community.safe.com/s/article/Known-Issue-FME-Flow-Directory-Traversal-Vulnerability",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://downloads.safe.com/fme/2023/whatsnew_server_2023_0_0_3.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

4
CVE-2023/CVE-2023-359xx/CVE-2023-35971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35971",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.277",
"lastModified": "2023-07-05T15:15:09.277",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35972.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35972",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.367",
"lastModified": "2023-07-05T15:15:09.367",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35973.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35973",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.437",
"lastModified": "2023-07-05T15:15:09.437",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35974.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35974",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.507",
"lastModified": "2023-07-05T15:15:09.507",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35975.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35975",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.580",
"lastModified": "2023-07-05T15:15:09.580",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35976.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35976",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.650",
"lastModified": "2023-07-05T15:15:09.650",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35977.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35977",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.720",
"lastModified": "2023-07-05T15:15:09.720",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35978.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35978",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.790",
"lastModified": "2023-07-05T15:15:09.790",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-359xx/CVE-2023-35979.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35979",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-05T15:15:09.863",
"lastModified": "2023-07-05T15:15:09.863",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-35xx/CVE-2023-3515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3515",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-05T15:15:09.933",
"lastModified": "2023-07-05T15:15:09.933",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

69
CVE-2023/CVE-2023-366xx/CVE-2023-36663.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-36663",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T21:15:11.967",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T16:07:21.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "it-novum openITCOCKPIT (aka open IT COCKPIT) 4.6.4 before 4.6.5 allows SQL Injection (by authenticated users) via the sort parameter of the API interface."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:it-novum:openitcockpit:4.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EF1B5703-DE1C-48E8-ADF4-0018A8923F31"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/it-novum/openITCOCKPIT/pull/1519/files",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://openitcockpit.io/2023/2023/06/13/openitcockpit-4-6-5-released-security-update/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-366xx/CVE-2023-36665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36665",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T14:15:09.410",
"lastModified": "2023-07-05T14:15:09.410",
"vulnStatus": "Received",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

24
CVE-2023/CVE-2023-369xx/CVE-2023-36932.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36932",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T16:15:09.687",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content."
}
],
"metrics": {},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023",
"source": "cve@mitre.org"
},
{
"url": "https://www.progress.com/moveit",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-369xx/CVE-2023-36933.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36933",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T16:15:09.740",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly."
}
],
"metrics": {},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023",
"source": "cve@mitre.org"
},
{
"url": "https://www.progress.com/moveit",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-369xx/CVE-2023-36934.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T16:15:09.793",
"lastModified": "2023-07-05T16:25:41.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content."
}
],
"metrics": {},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023",
"source": "cve@mitre.org"
},
{
"url": "https://www.progress.com/moveit",
"source": "cve@mitre.org"
}
]
}

65
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-05T16:00:27.379389+00:00
2023-07-05T18:00:34.099372+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-05T15:53:31.293000+00:00
2023-07-05T17:52:50.177000+00:00
```
### Last Data Feed Release
@ -29,42 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
219189
219196
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `7`
* [CVE-2023-36665](CVE-2023/CVE-2023-366xx/CVE-2023-36665.json) (`2023-07-05T14:15:09.410`)
* [CVE-2023-35971](CVE-2023/CVE-2023-359xx/CVE-2023-35971.json) (`2023-07-05T15:15:09.277`)
* [CVE-2023-35972](CVE-2023/CVE-2023-359xx/CVE-2023-35972.json) (`2023-07-05T15:15:09.367`)
* [CVE-2023-35973](CVE-2023/CVE-2023-359xx/CVE-2023-35973.json) (`2023-07-05T15:15:09.437`)
* [CVE-2023-35974](CVE-2023/CVE-2023-359xx/CVE-2023-35974.json) (`2023-07-05T15:15:09.507`)
* [CVE-2023-35975](CVE-2023/CVE-2023-359xx/CVE-2023-35975.json) (`2023-07-05T15:15:09.580`)
* [CVE-2023-35976](CVE-2023/CVE-2023-359xx/CVE-2023-35976.json) (`2023-07-05T15:15:09.650`)
* [CVE-2023-35977](CVE-2023/CVE-2023-359xx/CVE-2023-35977.json) (`2023-07-05T15:15:09.720`)
* [CVE-2023-35978](CVE-2023/CVE-2023-359xx/CVE-2023-35978.json) (`2023-07-05T15:15:09.790`)
* [CVE-2023-35979](CVE-2023/CVE-2023-359xx/CVE-2023-35979.json) (`2023-07-05T15:15:09.863`)
* [CVE-2023-3515](CVE-2023/CVE-2023-35xx/CVE-2023-3515.json) (`2023-07-05T15:15:09.933`)
* [CVE-2020-25969](CVE-2020/CVE-2020-259xx/CVE-2020-25969.json) (`2023-07-05T17:15:09.213`)
* [CVE-2023-27390](CVE-2023/CVE-2023-273xx/CVE-2023-27390.json) (`2023-07-05T16:15:09.507`)
* [CVE-2023-31194](CVE-2023/CVE-2023-311xx/CVE-2023-31194.json) (`2023-07-05T16:15:09.600`)
* [CVE-2023-36932](CVE-2023/CVE-2023-369xx/CVE-2023-36932.json) (`2023-07-05T16:15:09.687`)
* [CVE-2023-36933](CVE-2023/CVE-2023-369xx/CVE-2023-36933.json) (`2023-07-05T16:15:09.740`)
* [CVE-2023-36934](CVE-2023/CVE-2023-369xx/CVE-2023-36934.json) (`2023-07-05T16:15:09.793`)
* [CVE-2023-25399](CVE-2023/CVE-2023-253xx/CVE-2023-25399.json) (`2023-07-05T17:15:09.320`)
### CVEs modified in the last Commit
Recently modified CVEs: `12`
Recently modified CVEs: `49`
* [CVE-2020-20210](CVE-2020/CVE-2020-202xx/CVE-2020-20210.json) (`2023-07-05T15:15:54.197`)
* [CVE-2022-4488](CVE-2022/CVE-2022-44xx/CVE-2022-4488.json) (`2023-07-05T14:15:09.310`)
* [CVE-2022-25883](CVE-2022/CVE-2022-258xx/CVE-2022-25883.json) (`2023-07-05T15:49:56.963`)
* [CVE-2023-25003](CVE-2023/CVE-2023-250xx/CVE-2023-25003.json) (`2023-07-05T14:10:42.223`)
* [CVE-2023-3317](CVE-2023/CVE-2023-33xx/CVE-2023-3317.json) (`2023-07-05T14:39:38.013`)
* [CVE-2023-3132](CVE-2023/CVE-2023-31xx/CVE-2023-3132.json) (`2023-07-05T15:27:20.383`)
* [CVE-2023-32229](CVE-2023/CVE-2023-322xx/CVE-2023-32229.json) (`2023-07-05T15:31:03.920`)
* [CVE-2023-34671](CVE-2023/CVE-2023-346xx/CVE-2023-34671.json) (`2023-07-05T15:42:10.257`)
* [CVE-2023-25186](CVE-2023/CVE-2023-251xx/CVE-2023-25186.json) (`2023-07-05T15:48:07.843`)
* [CVE-2023-30258](CVE-2023/CVE-2023-302xx/CVE-2023-30258.json) (`2023-07-05T15:51:17.353`)
* [CVE-2023-33725](CVE-2023/CVE-2023-337xx/CVE-2023-33725.json) (`2023-07-05T15:52:44.110`)
* [CVE-2023-26115](CVE-2023/CVE-2023-261xx/CVE-2023-26115.json) (`2023-07-05T15:53:31.293`)
* [CVE-2023-3515](CVE-2023/CVE-2023-35xx/CVE-2023-3515.json) (`2023-07-05T16:25:41.353`)
* [CVE-2023-34098](CVE-2023/CVE-2023-340xx/CVE-2023-34098.json) (`2023-07-05T16:25:47.773`)
* [CVE-2023-26274](CVE-2023/CVE-2023-262xx/CVE-2023-26274.json) (`2023-07-05T16:26:09.287`)
* [CVE-2023-26276](CVE-2023/CVE-2023-262xx/CVE-2023-26276.json) (`2023-07-05T16:26:24.613`)
* [CVE-2023-22593](CVE-2023/CVE-2023-225xx/CVE-2023-22593.json) (`2023-07-05T16:28:23.427`)
* [CVE-2023-23468](CVE-2023/CVE-2023-234xx/CVE-2023-23468.json) (`2023-07-05T16:28:41.243`)
* [CVE-2023-25004](CVE-2023/CVE-2023-250xx/CVE-2023-25004.json) (`2023-07-05T16:29:14.923`)
* [CVE-2023-29068](CVE-2023/CVE-2023-290xx/CVE-2023-29068.json) (`2023-07-05T16:29:40.353`)
* [CVE-2023-34673](CVE-2023/CVE-2023-346xx/CVE-2023-34673.json) (`2023-07-05T16:30:36.027`)
* [CVE-2023-33565](CVE-2023/CVE-2023-335xx/CVE-2023-33565.json) (`2023-07-05T16:38:44.877`)
* [CVE-2023-34254](CVE-2023/CVE-2023-342xx/CVE-2023-34254.json) (`2023-07-05T16:53:39.367`)
* [CVE-2023-30757](CVE-2023/CVE-2023-307xx/CVE-2023-30757.json) (`2023-07-05T17:01:26.063`)
* [CVE-2023-29129](CVE-2023/CVE-2023-291xx/CVE-2023-29129.json) (`2023-07-05T17:02:50.873`)
* [CVE-2023-32019](CVE-2023/CVE-2023-320xx/CVE-2023-32019.json) (`2023-07-05T17:15:09.380`)
* [CVE-2023-33584](CVE-2023/CVE-2023-335xx/CVE-2023-33584.json) (`2023-07-05T17:15:09.477`)
* [CVE-2023-2005](CVE-2023/CVE-2023-20xx/CVE-2023-2005.json) (`2023-07-05T17:16:12.110`)
* [CVE-2023-2290](CVE-2023/CVE-2023-22xx/CVE-2023-2290.json) (`2023-07-05T17:22:10.923`)
* [CVE-2023-2992](CVE-2023/CVE-2023-29xx/CVE-2023-2992.json) (`2023-07-05T17:27:57.377`)
* [CVE-2023-2993](CVE-2023/CVE-2023-29xx/CVE-2023-2993.json) (`2023-07-05T17:30:11.073`)
* [CVE-2023-33404](CVE-2023/CVE-2023-334xx/CVE-2023-33404.json) (`2023-07-05T17:35:32.947`)
* [CVE-2023-28829](CVE-2023/CVE-2023-288xx/CVE-2023-28829.json) (`2023-07-05T17:36:45.750`)
* [CVE-2023-27465](CVE-2023/CVE-2023-274xx/CVE-2023-27465.json) (`2023-07-05T17:48:25.550`)
* [CVE-2023-33176](CVE-2023/CVE-2023-331xx/CVE-2023-33176.json) (`2023-07-05T17:49:17.157`)
* [CVE-2023-28991](CVE-2023/CVE-2023-289xx/CVE-2023-28991.json) (`2023-07-05T17:52:33.687`)
* [CVE-2023-28988](CVE-2023/CVE-2023-289xx/CVE-2023-28988.json) (`2023-07-05T17:52:50.177`)
## Download and Usage