admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-11 16:13:34 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-23T06:00:24.883295+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-23 06:00:28 +00:00
parent 48cdfa8f89
commit 16dda1b8db
5 changed files with 99 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2023/CVE-2023-33xx/CVE-2023-3341.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3341",
"sourceIdentifier": "security-officer@isc.org",
"published": "2023-09-20T13:15:11.770",
"lastModified": "2023-09-22T18:51:05.490",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-23T04:15:11.157",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -253,6 +253,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5504",
"source": "security-officer@isc.org"
}
]
}

22
CVE-2023/CVE-2023-422xx/CVE-2023-42261.json
View File

@ -2,16 +2,32 @@
"id": "CVE-2023-42261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T22:15:11.823",
"lastModified": "2023-09-22T01:25:45.750",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-23T04:15:11.757",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions."
"value": "** DISPUTED ** Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example, use a reverse proxy server."
},
{
"lang": "es",
"value": "Mobile Security Framework (MobSF) &lt;=v3.7.8 Beta es vulnerable a Permisos Inseguros."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/blob/abb47659a19ac772765934f184c65fe16cb3bee7/docker-compose.yml#L30-L31",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/issues/1211",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/issues/748",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/woshinibaba222/hack16/blob/main/Unauthorized%20Access%20to%20MobSF.md",
"source": "cve@mitre.org"

8
CVE-2023/CVE-2023-42xx/CVE-2023-4236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4236",
"sourceIdentifier": "security-officer@isc.org",
"published": "2023-09-20T13:15:12.313",
"lastModified": "2023-09-22T18:35:33.337",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-23T04:15:11.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -94,6 +94,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5504",
"source": "security-officer@isc.org"
}
]
}

59
CVE-2023/CVE-2023-51xx/CVE-2023-5125.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5125",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-23T05:15:31.320",
"lastModified": "2023-09-23T05:15:31.320",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Contact Form by FormGet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'formget' shortcode in versions up to, and including, 5.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/formget-contact-form/trunk/index.php?rev=2145639#L504",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fdd73289-f292-4903-951e-6a89049d39a7?source=cve",
"source": "security@wordfence.com"
}
]
}

39
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-23T04:00:24.104637+00:00
2023-09-23T06:00:24.883295+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-23T03:46:18.623000+00:00
2023-09-23T05:15:31.320000+00:00
```
### Last Data Feed Release
@ -29,44 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226067
226068
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `1`
* [CVE-2023-5125](CVE-2023/CVE-2023-51xx/CVE-2023-5125.json) (`2023-09-23T05:15:31.320`)
### CVEs modified in the last Commit
Recently modified CVEs: `36`
Recently modified CVEs: `3`
* [CVE-2023-34576](CVE-2023/CVE-2023-345xx/CVE-2023-34576.json) (`2023-09-23T03:35:40.510`)
* [CVE-2023-42810](CVE-2023/CVE-2023-428xx/CVE-2023-42810.json) (`2023-09-23T03:38:14.547`)
* [CVE-2023-34577](CVE-2023/CVE-2023-345xx/CVE-2023-34577.json) (`2023-09-23T03:38:59.283`)
* [CVE-2023-4152](CVE-2023/CVE-2023-41xx/CVE-2023-4152.json) (`2023-09-23T03:41:36.287`)
* [CVE-2023-42322](CVE-2023/CVE-2023-423xx/CVE-2023-42322.json) (`2023-09-23T03:42:57.927`)
* [CVE-2023-39252](CVE-2023/CVE-2023-392xx/CVE-2023-39252.json) (`2023-09-23T03:43:14.050`)
* [CVE-2023-43498](CVE-2023/CVE-2023-434xx/CVE-2023-43498.json) (`2023-09-23T03:45:03.873`)
* [CVE-2023-43497](CVE-2023/CVE-2023-434xx/CVE-2023-43497.json) (`2023-09-23T03:45:05.997`)
* [CVE-2023-43496](CVE-2023/CVE-2023-434xx/CVE-2023-43496.json) (`2023-09-23T03:45:08.510`)
* [CVE-2023-43495](CVE-2023/CVE-2023-434xx/CVE-2023-43495.json) (`2023-09-23T03:45:20.057`)
* [CVE-2023-41027](CVE-2023/CVE-2023-410xx/CVE-2023-41027.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-41029](CVE-2023/CVE-2023-410xx/CVE-2023-41029.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-41031](CVE-2023/CVE-2023-410xx/CVE-2023-41031.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-42812](CVE-2023/CVE-2023-428xx/CVE-2023-42812.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-42821](CVE-2023/CVE-2023-428xx/CVE-2023-42821.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43640](CVE-2023/CVE-2023-436xx/CVE-2023-43640.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-38346](CVE-2023/CVE-2023-383xx/CVE-2023-38346.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43270](CVE-2023/CVE-2023-432xx/CVE-2023-43270.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-40989](CVE-2023/CVE-2023-409xx/CVE-2023-40989.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43129](CVE-2023/CVE-2023-431xx/CVE-2023-43129.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43130](CVE-2023/CVE-2023-431xx/CVE-2023-43130.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43338](CVE-2023/CVE-2023-433xx/CVE-2023-43338.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43468](CVE-2023/CVE-2023-434xx/CVE-2023-43468.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43469](CVE-2023/CVE-2023-434xx/CVE-2023-43469.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-43470](CVE-2023/CVE-2023-434xx/CVE-2023-43470.json) (`2023-09-23T03:46:18.623`)
* [CVE-2023-3341](CVE-2023/CVE-2023-33xx/CVE-2023-3341.json) (`2023-09-23T04:15:11.157`)
* [CVE-2023-42261](CVE-2023/CVE-2023-422xx/CVE-2023-42261.json) (`2023-09-23T04:15:11.757`)
* [CVE-2023-4236](CVE-2023/CVE-2023-42xx/CVE-2023-4236.json) (`2023-09-23T04:15:11.900`)
## Download and Usage