admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-16T22:00:25.636231+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-16 22:00:29 +00:00
parent d993ac7585
commit 14f67e94f3
31 changed files with 1880 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
CVE-2020/CVE-2020-241xx/CVE-2020-24187.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-24187",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:10.237",
"lastModified": "2023-08-11T15:18:19.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T21:11:04.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jerryscript:jerryscript:2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC6C843-EE98-4852-8D03-7FC19D2E821C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Aurorainfinity/Poc/tree/master/jerryscript/NULL-dereference-ecma_get_lex_env_type",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/4076",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2020/CVE-2020-242xx/CVE-2020-24221.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-24221",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:10.297",
"lastModified": "2023-08-11T15:18:19.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T21:11:08.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GetByte function in miniupnp ngiflib version 0.4, allows local attackers to cause a denial of service (DoS) via crafted .gif file (infinite loop)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:miniupnp_project:ngiflib:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5BE2BAA9-5D76-4039-A655-3F478ED5D601"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/miniupnp/ngiflib/issues/17",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

6
CVE-2021/CVE-2021-258xx/CVE-2021-25864.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-25864",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-26T18:16:21.897",
"lastModified": "2021-02-02T21:13:34.160",
"lastModified": "2023-08-16T20:29:49.300",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:node-red-contrib-huemagic_project:node-red-contrib-huemagic:3.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "450D1783-67DC-4AA6-B9E0-BB8ADE6CE553"
"criteria": "cpe:2.3:a:dgtl:huemagic:3.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "34B7DCCF-571F-4971-B41A-7B83E207C803"
}
]
}

65
CVE-2021/CVE-2021-265xx/CVE-2021-26504.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-26504",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:12.187",
"lastModified": "2023-08-11T15:18:01.437",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:22:24.490",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dgtl:huemagic:3.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "34B7DCCF-571F-4971-B41A-7B83E207C803"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Foddy/node-red-contrib-huemagic/issues/217",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

63
CVE-2021/CVE-2021-265xx/CVE-2021-26505.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2021-26505",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:12.257",
"lastModified": "2023-08-11T15:18:01.437",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:09:07.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hello.js_project:hello.js:1.18.6:*:*:*:*:node.js:*:*",
"matchCriteriaId": "8449D91E-C8BA-42F4-B8B3-7A30B8F5AC57"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MrSwitch/hello.js/issues/634",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
}
]
}

64
CVE-2021/CVE-2021-275xx/CVE-2021-27523.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2021-27523",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:12.320",
"lastModified": "2023-08-11T15:18:01.437",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:08:11.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in open-falcon dashboard version 0.2.0, allows remote attackers to gain, modify, and delete sensitive information via crafted POST request to register interface."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-falcon:dashboard:0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "977BD1DB-D24F-436A-9259-0A6FDC17E1E2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/open-falcon/dashboard/issues/153",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

59
CVE-2022/CVE-2022-298xx/CVE-2022-29887.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-29887",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:12.437",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:35:20.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:manageability_commander:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "F66CDA13-93CB-4EC2-99AA-227177DD7365"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00893.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2022/CVE-2022-446xx/CVE-2022-44612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-44612",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:16.153",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:38:42.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unison:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.12",
"matchCriteriaId": "08E8CC7F-08C6-4C0B-B81D-FBB0D7F79CFC"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2022/CVE-2022-48xx/CVE-2022-4894.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-4894",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-08-16T21:15:09.477",
"lastModified": "2023-08-16T21:15:09.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Certain HP and Samsung Printer software packages may potentially be vulnerable to elevation of privilege due to Uncontrolled Search Path Element."
}
],
"metrics": {},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8947379-8947403-16/hpsbpi03857",
"source": "hp-security-alert@hp.com"
}
]
}

43
CVE-2023/CVE-2023-202xx/CVE-2023-20209.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20209",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-16T21:15:09.650",
"lastModified": "2023-08-16T21:15:09.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read-write privileges on the application to perform a command injection attack that could result in remote code execution on an affected device.\r\n\r This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to establish a remote shell with root privileges."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-injection-X475EbTQ",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-202xx/CVE-2023-20228.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20228",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-16T21:15:09.737",
"lastModified": "2023-08-16T21:15:09.737",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of an affected interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the browser of the targeted user or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-xss-UMYtYEtr",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-202xx/CVE-2023-20242.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20242",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-16T21:15:09.800",
"lastModified": "2023-08-16T21:15:09.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-xss-QtT4VdsK",
"source": "ykramarz@cisco.com"
}
]
}

59
CVE-2023/CVE-2023-223xx/CVE-2023-22338.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22338",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:16.780",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:52:08.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:onevpl_gpu_runtime:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.6.5",
"matchCriteriaId": "ED9FACF6-33A2-480B-8BF2-E39ED1605067"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-228xx/CVE-2023-22843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22843",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-08-09T09:15:13.667",
"lastModified": "2023-08-09T12:46:39.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T21:06:13.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -46,10 +76,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.6.2",
"matchCriteriaId": "D5DACA15-76B3-417A-8776-9014575659A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.6.2",
"matchCriteriaId": "6317D905-9F4B-42A1-937E-AB79D99B1973"
}
]
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:4-01",
"source": "prodsec@nozominetworks.com"
"source": "prodsec@nozominetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-251xx/CVE-2023-25182.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25182",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:18.660",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:43:11.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unite:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "4.2.11",
"matchCriteriaId": "FE9DCB41-5F24-4416-B169-D8106B7EFB32"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00826.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-257xx/CVE-2023-25773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25773",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:18.820",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:45:18.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unite:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "4.2.34962",
"matchCriteriaId": "20F3A24C-4200-427A-8A82-3247EF4B6BB1"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00826.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-273xx/CVE-2023-27392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27392",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:23.257",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:37:35.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:support:*:*:*:*:*:android:*:*",
"versionEndExcluding": "v23.02.07",
"matchCriteriaId": "B5FA6F57-16C9-422A-8043-F569EDAD17D0"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00862.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-275xx/CVE-2023-27506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27506",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:23.817",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:56:58.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:optimization_for_tensorflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.12",
"matchCriteriaId": "C6B01686-6642-4649-980D-51D200E28D61"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00840.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-280xx/CVE-2023-28075.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28075",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-08-16T20:15:09.427",
"lastModified": "2023-08-16T20:15:09.427",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nDell BIOS contain a Time-of-check Time-of-use vulnerability in BIOS. A local authenticated malicious user with physical access to the system could potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI in order to gain arbitrary code execution on the system.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000212817/dsa-2023-152-security-update-for-a-dell-client-bios-vulnerability",
"source": "security_alert@emc.com"
}
]
}

73
CVE-2023/CVE-2023-29xx/CVE-2023-2905.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2905",
"sourceIdentifier": "cve@takeonme.org",
"published": "2023-08-09T05:15:40.740",
"lastModified": "2023-08-09T12:46:53.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:49:56.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH\u00a0parsed message with a variable length header, Cesanta Mongoose, an\u00a0embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not appear to be vulnerable. This issue is resolved in version 7.11.\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cve@takeonme.org",
"type": "Secondary",
@ -23,18 +56,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cesanta:mongoose:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "56CBAB29-FE86-4AD6-B410-BE5B5A4AEBF7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cesanta/mongoose/pull/2274",
"source": "cve@takeonme.org"
"source": "cve@takeonme.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/cesanta/mongoose/releases/tag/7.11",
"source": "cve@takeonme.org"
"source": "cve@takeonme.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://takeonme.org/cves/CVE-2023-2905.html",
"source": "cve@takeonme.org"
"source": "cve@takeonme.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-324xx/CVE-2023-32453.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32453",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-08-16T20:15:09.560",
"lastModified": "2023-08-16T20:15:09.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nDell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may potentially exploit this vulnerability in order to modify a security-critical UEFI variable without knowledge of the BIOS administrator.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000215217/dsa-2023-190-dell-client-bios",
"source": "security_alert@emc.com"
}
]
}

59
CVE-2023/CVE-2023-326xx/CVE-2023-32609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32609",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:32.403",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:05:07.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unite:*:*:*:*:*:android:*:*",
"versionEndExcluding": "4.2.3504",
"matchCriteriaId": "600D672B-B11D-4A14-9D7D-1193A6784BAC"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00932.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-399xx/CVE-2023-39952.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39952",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-10T14:15:15.270",
"lastModified": "2023-08-10T14:46:58.037",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:23:36.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,107 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "22.0.0",
"versionEndExcluding": "22.2.10.13",
"matchCriteriaId": "2A984DB5-B23A-4A3B-974F-9859A3FE5782"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.0.12.8",
"matchCriteriaId": "00E5E519-BCEC-47AB-BD6C-3B45C7475320"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "24.0.0",
"versionEndExcluding": "24.0.12.4",
"matchCriteriaId": "A54AB8A9-8FF1-420E-9A16-C3D123E1B320"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.8",
"matchCriteriaId": "A2EE7242-A7BB-4FE3-8617-9C355C68EB2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.8",
"matchCriteriaId": "05C7C20F-A320-425C-BECF-E895E5ACF1CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.3",
"matchCriteriaId": "636E2B84-2F89-4F35-9ADF-BCB1761B2E2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.3",
"matchCriteriaId": "54FD90F4-2243-4A99-954B-FCC44EE180AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:27.0.0:*:*:*:-:*:*:*",
"matchCriteriaId": "13650329-BCD1-4FDB-9446-5133C0EDC905"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:27.0.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "DB1974B0-31C5-4E22-9E8C-BD40C6B54D0C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/groupfolders/issues/1906",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-cq8w-v4fh-4rjq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/nextcloud/server/pull/38890",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://hackerone.com/reports/1808079",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Permissions Required"
]
}
]
}

71
CVE-2023/CVE-2023-400xx/CVE-2023-40021.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-40021",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-16T21:15:09.880",
"lastModified": "2023-08-16T21:15:09.880",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Oppia is an online learning platform. When comparing a received CSRF token against the expected token, Oppia uses the string equality operator (`==`), which is not safe against timing attacks. By repeatedly submitting invalid tokens, an attacker can brute-force the expected CSRF token character by character. Once they have recovered the token, they can then submit a forged request on behalf of a logged-in user and execute privileged actions on that user's behalf. In particular the function to validate received CSRF tokens is at `oppia.core.controllers.base.CsrfTokenManager.is_csrf_token_valid`. An attacker who can lure a logged-in Oppia user to a malicious website can perform any change on Oppia that the user is authorized to do, including changing profile information; creating, deleting, and changing explorations; etc. Note that the attacker cannot change a user's login credentials. An attack would need to complete within 1 second because every second, the time used in computing the token changes. This issue has been addressed in commit `b89bf80837` which has been included in release `3.3.2-hotfix-2`. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
},
{
"lang": "en",
"value": "CWE-208"
}
]
}
],
"references": [
{
"url": "https://github.com/oppia/oppia/blob/3a05c3558a292f3db9e658e60e708c266c003fd0/core/controllers/base.py#L964-L990",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/oppia/oppia/commit/b89bf808378c1236874b5797a7bda32c77b4af23",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/oppia/oppia/pull/18769",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/oppia/oppia/security/advisories/GHSA-49jp-pjc3-2532",
"source": "security-advisories@github.com"
}
]
}

59
CVE-2023/CVE-2023-400xx/CVE-2023-40033.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-40033",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-16T21:15:09.987",
"lastModified": "2023-08-16T21:15:09.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Flarum is an open source forum software. Flarum is affected by a vulnerability that allows an attacker to conduct a Blind Server-Side Request Forgery (SSRF) attack or disclose any file on the server, even with a basic user account on any Flarum forum. By uploading a file containing a URL and spoofing the MIME type, an attacker can manipulate the application to execute unintended actions. The vulnerability is due to the behavior of the `intervention/image` package, which attempts to interpret the supplied file contents as a URL, which then fetches its contents. This allows an attacker to exploit the vulnerability to perform SSRF attacks, disclose local file contents, or conduct a blind oracle attack. This has been patched in Flarum version 1.8.0. Users are advised to upgrade. Users unable to upgrade may disable PHP's `allow_url_fopen` which will prevent the fetching of external files via URLs as a temporary workaround for the SSRF aspect of the vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/flarum/framework/commit/d1059c1cc79fe61f9538f3da55e8f42abbede570",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/flarum/framework/security/advisories/GHSA-67c6-q4j4-hccg",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2023/CVE-2023-400xx/CVE-2023-40034.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-40034",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-16T21:15:10.087",
"lastModified": "2023-08-16T21:15:10.087",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an update of the repository data that can e.g. allow the takeover of an repo. This is only critical if the CI is configured for public usage and connected to a forge witch is also in public usage. This issue has been addressed in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should secure the CI system by making it inaccessible to untrusted entities, for example, by placing it behind a firewall."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/woodpecker-ci/woodpecker/commit/6e4c2f84cc84661d58cf1c0e5c421a46070bb105",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/woodpecker-ci/woodpecker/pull/2221",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/woodpecker-ci/woodpecker/pull/2222",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/woodpecker-ci/woodpecker/security/advisories/GHSA-4gcf-5m39-98mc",
"source": "security-advisories@github.com"
}
]
}

143
CVE-2023/CVE-2023-41xx/CVE-2023-4128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4128",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-10T17:15:12.033",
"lastModified": "2023-08-14T03:15:09.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-16T20:32:04.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,26 +54,135 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5",
"matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:-:*:*:*:*:*:*",
"matchCriteriaId": "A2D9420A-9BF4-4C16-B6DA-8A1D279F7384"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4128",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225511",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lore.kernel.org/netdev/193d6cdf-d6c9-f9be-c36a-b2a7551d5fb6@mojatatu.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-43xx/CVE-2023-4382.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-4382",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-16T20:15:09.650",
"lastModified": "2023-08-16T20:15:09.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in tdevs Hyip Rio 2.1. Affected by this issue is some unknown functionality of the file /user/settings of the component Profile Settings. The manipulation of the argument avatar leads to cross site scripting. The attack may be launched remotely. VDB-237314 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.237314",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.237314",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-43xx/CVE-2023-4383.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-4383",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-16T20:15:09.740",
"lastModified": "2023-08-16T20:15:09.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-279"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/dmknght/ac489cf3605ded09b3925521afee3003",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.237315",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.237315",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-43xx/CVE-2023-4384.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-4384",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-16T20:15:09.827",
"lastModified": "2023-08-16T20:15:09.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in MaximaTech Portal Executivo 21.9.1.140 and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to missing encryption of sensitive data. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237316. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6
},
"baseSeverity": "LOW",
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"references": [
{
"url": "https://l6x.notion.site/PoC-7041cf9625554273b17148de85705d06?pvs=4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.237316",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.237316",
"source": "cna@vuldb.com"
}
]
}

63
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-16T20:00:28.512128+00:00
2023-08-16T22:00:25.636231+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-16T19:57:00.017000+00:00
2023-08-16T21:15:10.087000+00:00
```
### Last Data Feed Release
@ -29,42 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
222832
222844
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `12`
* [CVE-2023-38737](CVE-2023/CVE-2023-387xx/CVE-2023-38737.json) (`2023-08-16T19:15:09.793`)
* [CVE-2023-4387](CVE-2023/CVE-2023-43xx/CVE-2023-4387.json) (`2023-08-16T19:15:10.087`)
* [CVE-2023-4389](CVE-2023/CVE-2023-43xx/CVE-2023-4389.json) (`2023-08-16T19:15:10.163`)
* [CVE-2022-4894](CVE-2022/CVE-2022-48xx/CVE-2022-4894.json) (`2023-08-16T21:15:09.477`)
* [CVE-2023-28075](CVE-2023/CVE-2023-280xx/CVE-2023-28075.json) (`2023-08-16T20:15:09.427`)
* [CVE-2023-32453](CVE-2023/CVE-2023-324xx/CVE-2023-32453.json) (`2023-08-16T20:15:09.560`)
* [CVE-2023-4382](CVE-2023/CVE-2023-43xx/CVE-2023-4382.json) (`2023-08-16T20:15:09.650`)
* [CVE-2023-4383](CVE-2023/CVE-2023-43xx/CVE-2023-4383.json) (`2023-08-16T20:15:09.740`)
* [CVE-2023-4384](CVE-2023/CVE-2023-43xx/CVE-2023-4384.json) (`2023-08-16T20:15:09.827`)
* [CVE-2023-20209](CVE-2023/CVE-2023-202xx/CVE-2023-20209.json) (`2023-08-16T21:15:09.650`)
* [CVE-2023-20228](CVE-2023/CVE-2023-202xx/CVE-2023-20228.json) (`2023-08-16T21:15:09.737`)
* [CVE-2023-20242](CVE-2023/CVE-2023-202xx/CVE-2023-20242.json) (`2023-08-16T21:15:09.800`)
* [CVE-2023-40021](CVE-2023/CVE-2023-400xx/CVE-2023-40021.json) (`2023-08-16T21:15:09.880`)
* [CVE-2023-40033](CVE-2023/CVE-2023-400xx/CVE-2023-40033.json) (`2023-08-16T21:15:09.987`)
* [CVE-2023-40034](CVE-2023/CVE-2023-400xx/CVE-2023-40034.json) (`2023-08-16T21:15:10.087`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `18`
* [CVE-2019-13194](CVE-2019/CVE-2019-131xx/CVE-2019-13194.json) (`2023-08-16T18:51:08.290`)
* [CVE-2019-13193](CVE-2019/CVE-2019-131xx/CVE-2019-13193.json) (`2023-08-16T18:51:58.137`)
* [CVE-2019-13192](CVE-2019/CVE-2019-131xx/CVE-2019-13192.json) (`2023-08-16T18:52:01.080`)
* [CVE-2023-33468](CVE-2023/CVE-2023-334xx/CVE-2023-33468.json) (`2023-08-16T18:03:44.977`)
* [CVE-2023-39961](CVE-2023/CVE-2023-399xx/CVE-2023-39961.json) (`2023-08-16T18:35:46.193`)
* [CVE-2023-39964](CVE-2023/CVE-2023-399xx/CVE-2023-39964.json) (`2023-08-16T18:44:24.103`)
* [CVE-2023-39965](CVE-2023/CVE-2023-399xx/CVE-2023-39965.json) (`2023-08-16T18:52:42.710`)
* [CVE-2023-39966](CVE-2023/CVE-2023-399xx/CVE-2023-39966.json) (`2023-08-16T18:55:12.590`)
* [CVE-2023-2737](CVE-2023/CVE-2023-27xx/CVE-2023-2737.json) (`2023-08-16T19:04:32.000`)
* [CVE-2023-39250](CVE-2023/CVE-2023-392xx/CVE-2023-39250.json) (`2023-08-16T19:04:32.000`)
* [CVE-2023-4204](CVE-2023/CVE-2023-42xx/CVE-2023-4204.json) (`2023-08-16T19:04:32.000`)
* [CVE-2023-4385](CVE-2023/CVE-2023-43xx/CVE-2023-4385.json) (`2023-08-16T19:04:32.000`)
* [CVE-2023-39953](CVE-2023/CVE-2023-399xx/CVE-2023-39953.json) (`2023-08-16T19:10:58.313`)
* [CVE-2023-39954](CVE-2023/CVE-2023-399xx/CVE-2023-39954.json) (`2023-08-16T19:15:35.977`)
* [CVE-2023-34615](CVE-2023/CVE-2023-346xx/CVE-2023-34615.json) (`2023-08-16T19:34:33.483`)
* [CVE-2023-39955](CVE-2023/CVE-2023-399xx/CVE-2023-39955.json) (`2023-08-16T19:38:45.193`)
* [CVE-2023-38633](CVE-2023/CVE-2023-386xx/CVE-2023-38633.json) (`2023-08-16T19:41:52.567`)
* [CVE-2023-23903](CVE-2023/CVE-2023-239xx/CVE-2023-23903.json) (`2023-08-16T19:44:20.300`)
* [CVE-2023-24471](CVE-2023/CVE-2023-244xx/CVE-2023-24471.json) (`2023-08-16T19:46:55.460`)
* [CVE-2023-39957](CVE-2023/CVE-2023-399xx/CVE-2023-39957.json) (`2023-08-16T19:57:00.017`)
* [CVE-2020-24187](CVE-2020/CVE-2020-241xx/CVE-2020-24187.json) (`2023-08-16T21:11:04.957`)
* [CVE-2020-24221](CVE-2020/CVE-2020-242xx/CVE-2020-24221.json) (`2023-08-16T21:11:08.147`)
* [CVE-2021-27523](CVE-2021/CVE-2021-275xx/CVE-2021-27523.json) (`2023-08-16T20:08:11.497`)
* [CVE-2021-26505](CVE-2021/CVE-2021-265xx/CVE-2021-26505.json) (`2023-08-16T20:09:07.517`)
* [CVE-2021-26504](CVE-2021/CVE-2021-265xx/CVE-2021-26504.json) (`2023-08-16T20:22:24.490`)
* [CVE-2021-25864](CVE-2021/CVE-2021-258xx/CVE-2021-25864.json) (`2023-08-16T20:29:49.300`)
* [CVE-2022-29887](CVE-2022/CVE-2022-298xx/CVE-2022-29887.json) (`2023-08-16T20:35:20.687`)
* [CVE-2022-44612](CVE-2022/CVE-2022-446xx/CVE-2022-44612.json) (`2023-08-16T20:38:42.333`)
* [CVE-2023-32609](CVE-2023/CVE-2023-326xx/CVE-2023-32609.json) (`2023-08-16T20:05:07.757`)
* [CVE-2023-39952](CVE-2023/CVE-2023-399xx/CVE-2023-39952.json) (`2023-08-16T20:23:36.877`)
* [CVE-2023-4128](CVE-2023/CVE-2023-41xx/CVE-2023-4128.json) (`2023-08-16T20:32:04.830`)
* [CVE-2023-27392](CVE-2023/CVE-2023-273xx/CVE-2023-27392.json) (`2023-08-16T20:37:35.870`)
* [CVE-2023-25182](CVE-2023/CVE-2023-251xx/CVE-2023-25182.json) (`2023-08-16T20:43:11.657`)
* [CVE-2023-25773](CVE-2023/CVE-2023-257xx/CVE-2023-25773.json) (`2023-08-16T20:45:18.080`)
* [CVE-2023-2905](CVE-2023/CVE-2023-29xx/CVE-2023-2905.json) (`2023-08-16T20:49:56.363`)
* [CVE-2023-22338](CVE-2023/CVE-2023-223xx/CVE-2023-22338.json) (`2023-08-16T20:52:08.750`)
* [CVE-2023-27506](CVE-2023/CVE-2023-275xx/CVE-2023-27506.json) (`2023-08-16T20:56:58.130`)
* [CVE-2023-22843](CVE-2023/CVE-2023-228xx/CVE-2023-22843.json) (`2023-08-16T21:06:13.870`)
## Download and Usage