Auto-Update: 2023-10-05T20:01:33.228399+00:00

cad-safe-bot 2023-10-05 20:01:36 +00:00
parent 49c088d1f1
commit 1790684ab5
47 changed files with 3432 additions and 132 deletions


@ -2,8 +2,8 @@
"id": "CVE-2020-24165",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-28T21:15:07.510",
"lastModified": "2023-09-01T15:06:01.737",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-05T18:15:11.543",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -71,6 +71,10 @@
"Issue Tracking"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html",
"source": "cve@mitre.org"
},
{
"url": "https://pastebin.com/iqCbjdT8",
"source": "cve@mitre.org",


@ -2,16 +2,40 @@
"id": "CVE-2022-43906",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T14:15:10.280",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:11:19.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Guardium 11.5 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. IBM X-Force ID: 240897."
},
{
"lang": "es",
"value": "IBM Security Guardium 11.5 podr\u00eda revelar informaci\u00f3n confidencial debido a un atributo SameSite faltante o inseguro para una cookie confidencial. ID de IBM X-Force: 240897."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +58,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B4F327AB-9F53-402C-9BFA-F66F20A83B40"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/240897",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://https://www.ibm.com/support/pages/node/7038019",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
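Review bot: The second entry under `references` keeps the malformed URL `https://https://www.ibm.com/support/pages/node/7038019` (doubled scheme) while this update tags it `Patch` and `Vendor Advisory`, so the reference meant to lead to the fix does not resolve as written. The value presumably should read `"url": "https://www.ibm.com/support/pages/node/7038019"`. Because this record mirrors upstream data, the correction has to come from the source record. Until then, consumers that link-check or auto-follow reference URLs should validate the scheme and host rather than trust the tag.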


@ -2,8 +2,8 @@
"id": "CVE-2023-0330",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-03-06T23:15:11.457",
"lastModified": "2023-07-06T16:38:31.993",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-05T18:15:11.690",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -106,6 +106,10 @@
}
],
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2023-01/msg03411.html",
"source": "patrick@puiterwijk.org",


@ -2,8 +2,8 @@
"id": "CVE-2023-2306",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-10-05T17:15:11.373",
"lastModified": "2023-10-05T17:15:11.373",
"vulnStatus": "Received",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,16 +2,40 @@
"id": "CVE-2023-25025",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T14:15:10.507",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:10:51.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <=\u00a03.1.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Chetan Gole WP-CopyProtect [Protect your blog posts] en versiones &lt;= 3.1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chetangole:wp-copyprotect_\\[protect_your_blog_posts\\]:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "49AD8150-AC55-4ED7-B02A-6F9321055B2B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-copyprotect/wordpress-wp-copyprotect-protect-your-blog-posts-plugin-3-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}
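Review bot: The added `es` description carries an HTML entity inside the JSON string, `en versiones &lt;= 3.1.0`, where the `en` value uses a literal `<=`. A consumer that shows the value as plain text prints `&lt;=`, and one that entity-decodes it before placing it in a page is decoding upstream-supplied text and must escape on output afterwards. The string should hold the literal character, `en versiones <= 3.1.0`. The same entity appears in the `es` description added for CVE-2023-27433.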


@ -2,16 +2,40 @@
"id": "CVE-2023-27433",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T14:15:10.587",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:10:37.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Make Paths Relative plugin <=\u00a01.3.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento YAS Global Team Make Paths Relative en versiones &lt;= 1.3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yasglobal:make_paths_relative:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.0",
"matchCriteriaId": "DB95B127-8097-42E7-98FB-4C36486DCC2F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/make-paths-relative/wordpress-make-paths-relative-plugin-1-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-30692",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.537",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T19:14:49.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper input validation vulnerability in Evaluator prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities."
},
{
"lang": "es",
"value": "Una vulnerabilidad de validaci\u00f3n de entrada incorrecta en Evaluator antes de SMR, versi\u00f3n 1 de octubre de 2023, permite a atacantes locales iniciar actividades privilegiadas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -46,10 +80,385 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9BF31CC5-E850-4B7E-BA43-6B1ED560DD45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}
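Review bot: The Primary entry added under `weaknesses` is the placeholder `NVD-CWE-noinfo`, although the `en` description in the same record states an improper input validation vulnerability. Tooling that groups or prioritises records by the NVD Primary CWE will leave this one unclassified; it should fall back to the Secondary entry from `mobile.security@samsung.com`, whose value lies outside the hunk. The CVE-2023-30727 and CVE-2023-30731 sections add the same `NVD-CWE-noinfo` placeholder.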


@ -2,8 +2,8 @@
"id": "CVE-2023-30727",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.687",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T19:11:49.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -50,10 +80,385 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DA3806E2-A780-4BB5-B4DC-D015D841E4C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D7120696-2440-44EC-B3A4-6FCBB4A60A12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "693D72EF-1531-4C15-B105-2DEBE02D30F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*",
"matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "60281652-A1DF-4EA4-8CD3-6DCA43F6162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4F46F8F7-0EBA-4D2F-AC53-4BB5956D7B87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FFB0F9B9-C60D-40CC-AC7D-FDB288EB2264"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "1DD6CFD3-5341-4069-B4FC-A5E07F13A63F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9BF31CC5-E850-4B7E-BA43-6B1ED560DD45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30731",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.777",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T19:10:57.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -50,10 +80,210 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30732",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.940",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T19:07:11.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -50,10 +80,90 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30733",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.030",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:33:04.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -50,10 +80,210 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "40EB3FC1-D79A-40C7-9E2B-573E20780982"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7B738B6B-78CE-4618-B70D-6BC9ED453105"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC84021B-9846-40FB-834B-7C5BECEFFEAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EEABF42E-578E-4689-B80D-B305467AA72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E261C9D8-1E74-44B8-9F11-F5769CF8B7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4C28D3CD-DD34-4334-B03F-794B31A4BF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*",
"matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "B0329C50-B904-480D-8EBB-F2757049FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:12.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "E1553CEA-FCF4-4A9C-85FE-F7DB7A500443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30736",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.550",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-05T18:15:11.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:samsung_assistant:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.7.00.1",
"matchCriteriaId": "29159B72-5252-4C35-82F7-6D72A5CEABBC"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30738",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.733",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:33:07.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "mobile.security@samsung.com",
"type": "Secondary",
@ -50,10 +80,127 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:galaxy_book_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "oct-2023",
"matchCriteriaId": "D007B248-661D-4E53-A0C0-F3C49ED9540A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:samsung:galaxy_book:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4356A941-2FF9-4A68-8EF5-AB86576017DD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:galaxy_book_pro_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "oct-2023",
"matchCriteriaId": "D675EEE1-9A38-4667-9AE5-31FF8882603E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:samsung:galaxy_book_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C3A9C42E-F053-4C74-9248-33DAABF550F8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:galaxy_book_pro_360_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "oct-2023",
"matchCriteriaId": "54974A58-DD3F-4088-BF2F-D150565B8FE3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:samsung:galaxy_book_pro_360:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4662A977-BFA4-41F0-95D9-BB0D8B077D66"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:galaxy_book_odyssey_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "oct-2023",
"matchCriteriaId": "ACBF7D53-8DAF-4853-92EE-298726BD0789"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:samsung:galaxy_book_odyssey:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402463AD-A75B-4127-BBE9-24AABEE40817"
}
]
}
]
}
],
"references": [
{
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=10",
"source": "mobile.security@samsung.com"
"source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
}
]
}
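Review bot: All four firmware CPE entries in this record bound the affected range with `"versionEndExcluding": "oct-2023"`, a month label rather than an orderable version string. A generic version comparator is likely to compare it as text, in which case a constructed label such as `sep-2023` sorts after `oct-2023` and an unpatched device could be reported as outside the range. Matching logic that consumes this record should treat these bounds as release dates, or flag them for manual review, rather than pass them to a numeric or lexical compare.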


@ -2,7 +2,7 @@
"id": "CVE-2023-3180",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-03T15:15:29.960",
"lastModified": "2023-08-31T19:15:10.890",
"lastModified": "2023-10-05T18:15:11.830",
"vulnStatus": "Modified",
"descriptions": [
{
@ -100,6 +100,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00006.html",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MURWGXDIF2WTDXV36T6HFJDBL632AO7R/",
"source": "secalert@redhat.com"


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32485",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T19:15:11.163",
"lastModified": "2023-10-05T19:15:11.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216587/dsa-2023-283-security-update-for-dell-smartfabric-storage-software-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-40376",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T14:15:10.793",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-05T18:10:26.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM UrbanCode Deploy (UCD) 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under certain configurations could allow an authenticated user to make changes to environment variables due to improper authentication controls. IBM X-Force ID: 263581."
},
{
"lang": "es",
"value": "IBM UrbanCode Deploy (UCD) versiones 7.1 - 7.1.2.12, 7.2 a 7.2.3.5 y 7.3 a 7.3.2.0 en determinadas configuraciones podr\u00eda permitir que un usuario autenticado realice cambios en las variables de entorno debido a controles de autenticaci\u00f3n inadecuados. ID de IBM X-Force: 263581."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +80,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1",
"versionEndIncluding": "7.1.2.12",
"matchCriteriaId": "215A6CF7-48C2-43CF-BFF6-DCD7FD929302"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2",
"versionEndIncluding": "7.2.3.5",
"matchCriteriaId": "188ECAF4-C4CA-46FC-9114-A896F2EC9B92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:urbancode_deploy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3",
"versionEndIncluding": "7.3.2.0",
"matchCriteriaId": "D42E7FF1-C98A-4781-B966-17DCE2BDBF4D"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/263581",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7037230",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-40559",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T15:15:12.497",
"lastModified": "2023-10-04T15:53:23.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:23:25.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Dynamic Pricing and Discount Rules for WooCommerce plugin <=\u00a02.4.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Dotstore Dynamic Pricing and Discount Rules para WooCommerce en versiones &lt;= 2.4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multidots:dynamic_pricing_and_discount_rules_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.1",
"matchCriteriaId": "91E28E7B-C75D-4796-B325-0F4351578445"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-conditional-discount-rules-for-checkout/wordpress-dynamic-pricing-and-discount-rules-for-woocommerce-plugin-2-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}
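Review bot: The Spanish description added to this record carries an HTML entity, `&lt;= 2.4.0`, inside a JSON string, whereas the English text uses a literal `<`; the same happens in CVE-2023-40561 (`&lt;= 3.7.1`). A consumer that prints the value as plain text will show the entity verbatim, and one that decodes it before placing it in a page has to escape it again at output. The value would be cleaner as `<= 2.4.0`, with escaping left to whatever renders it.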


@ -2,16 +2,40 @@
"id": "CVE-2023-40561",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T14:15:10.887",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:10:04.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Enhanced Ecommerce Google Analytics for WooCommerce plugin <=\u00a03.7.1 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Dotstore Enhanced Ecommerce Google Analytics para WooCommerce en versiones &lt;= 3.7.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multidots:enhanced_ecommerce_google_analytics_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.7.1",
"matchCriteriaId": "9B3F761B-39FE-486B-9B56-C623CD69AF16"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-ecommerce-tracking-for-google-and-facebook/wordpress-enhanced-ecommerce-google-analytics-for-woocommerce-plugin-3-7-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}
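Review bot: The CPE range added under `configurations` uses `"versionEndExcluding": "3.7.1"`, which leaves 3.7.1 itself out, while the English description and the Patchstack reference URL in the same record both name 3.7.1 as affected (`<= 3.7.1`). A scanner that matches on the CPE range alone would report a 3.7.1 install as not affected. If the description is right, the bound should read `"versionEndIncluding": "3.7.1"`, or give the first fixed release under `versionEndExcluding`, which this record does not show. The sibling record CVE-2023-40559 pairs `<= 2.4.0` with `"versionEndExcluding": "2.4.1"`, so the two entries are not built the same way; as this is mirrored data, the correction presumably has to come from the upstream analysis.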


@ -0,0 +1,47 @@
{
"id": "CVE-2023-40745",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-05T19:15:11.260",
"lastModified": "2023-10-05T19:15:11.260",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-40745",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235265",
"source": "secalert@redhat.com"
}
]
}
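Review bot: The only metric in this new record scores the flaw as availability-only (`C:N/I:N/A:H`, 6.5), while the description says a crafted TIFF may "possibly execute an arbitrary code" through a heap-based buffer overflow. The score is the CNA's `Secondary` entry on a record still marked `Received`, so triage that sorts on `baseScore` alone may rank it below what the description warrants; if code execution is in scope, `"confidentialityImpact"` and `"integrityImpact"` would not be `NONE`. The CVE-2023-41175 record added later in this commit has the same vector and the same wording. Neither record has `weaknesses` or `configurations` yet, so CWE- or CPE-keyed matching will not find them.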


@ -2,16 +2,40 @@
"id": "CVE-2023-4037",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T12:15:10.733",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:12:37.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n ciega de SQL en la interfaz web de Conacwin 3.7.1.2, cuya explotaci\u00f3n podr\u00eda permitir a un atacante local obtener datos confidenciales almacenados en la base de datos enviando una consulta SQL especialmente manipulada al par\u00e1metro xml."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:setelsa-security:conacwin:3.7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F63D26A2-7D42-4300-A80B-ED734D39FC9E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-setelsa-security-conacwin",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-4090",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T12:15:10.800",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:12:19.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) reflected vulnerability on WideStand until 5.3.5 version, which generates one of the meta tags directly using the content of the queried URL, which would allow an attacker to inject HTML/Javascript code into the response."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-site Scripting (XSS) en WideStand hasta la versi\u00f3n 5.3.5, que genera una de las metaetiquetas directamente usando el contenido de la URL consultada, lo que permitir\u00eda a un atacante inyectar c\u00f3digo HTML/Javascript en la respuesta."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acilia:widestand:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.3.5",
"matchCriteriaId": "D33BB426-ABC2-4B03-BEC8-FA1891234F12"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-vulnerability-widestand-cms-acilia",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,47 @@
{
"id": "CVE-2023-41175",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-05T19:15:11.340",
"lastModified": "2023-10-05T19:15:11.340",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-41175",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235264",
"source": "secalert@redhat.com"
}
]
}


@ -2,12 +2,12 @@
"id": "CVE-2023-42331",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T20:15:11.853",
"lastModified": "2023-09-22T02:10:19.257",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-05T18:15:11.930",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A file upload vulnerability in EliteCMS 1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component."
"value": "A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manage_uploads.php component."
},
{
"lang": "es",
@ -85,6 +85,10 @@
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/Num-Nine/CVE/wiki/Any-file-is-uploaded-to-eliteCMS1.01",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,51 @@
{
"id": "CVE-2023-42754",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-05T19:15:11.413",
"lastModified": "2023-10-05T19:15:11.413",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42754",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239845",
"source": "secalert@redhat.com"
},
{
"url": "https://seclists.org/oss-sec/2023/q4/14",
"source": "secalert@redhat.com"
}
]
}


@ -0,0 +1,51 @@
{
"id": "CVE-2023-42755",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-05T19:15:11.497",
"lastModified": "2023-10-05T19:15:11.497",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-42755",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239847",
"source": "secalert@redhat.com"
},
{
"url": "https://seclists.org/oss-sec/2023/q3/229",
"source": "secalert@redhat.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43068",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:12.027",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the restricted shell in SSH. An authenticated remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}
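Review bot: The vector sets `"attackVector": "LOCAL"` although the description places the command injection in the restricted shell reached over SSH and names an "authenticated remote attacker". CVE-2023-4401 ("local or remote authenticated attacker", also `AV:L`) and CVE-2023-43072 (description: possibly unauthenticated, arbitrary shell commands; vector: `PR:L` with `C:L/I:N/A:L`, 4.4) in this commit show the same kind of mismatch. All three are CNA-supplied `Secondary` scores on records still `Awaiting Analysis`, with no NVD `Primary` metric to compare against. If the description here is accurate the line would read `"attackVector": "NETWORK"` with the vector string and score recomputed, so prioritise from the description rather than the number until analysis lands.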


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43069",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:12.140",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contain(s) an OS Command Injection Vulnerability in the CLI. An authenticated local attacker could potentially exploit this vulnerability, leading to possible injection of parameters to curl or docker.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43070",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:12.240",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contains a Path Traversal Vulnerability in the HTTP interface. A remote authenticated attacker could potentially exploit this vulnerability, leading to modify or write arbitrary files to arbitrary locations in the license container.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43071",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:12.347",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contains possible vulnerabilities for HTML injection or CVS formula injection which might escalate to cross-site scripting attacks in HTML pages in the GUI. A remote authenticated attacker could potentially exploit these issues, leading to various injection type attacks.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}
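Review bot: The description's `CVS formula injection` looks like a misspelling of CSV, given that the record's own weakness entry is `CWE-1236`; a keyword search for "CSV injection" over descriptions will miss this record. The text would read `HTML injection or CSV formula injection`. The `weaknesses` array also lists only `CWE-1236` although the description mentions HTML injection that may escalate to cross-site scripting, so filtering on `CWE-79` will not surface it either.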


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43072",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:12.463",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contains an improper access control vulnerability in the CLI. A local possibly unauthenticated attacker could potentially exploit this vulnerability, leading to ability to execute arbritrary shell commands.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-43073",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:12.563",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -0,0 +1,20 @@
{
"id": "CVE-2023-43260",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-05T19:15:11.573",
"lastModified": "2023-10-05T19:15:11.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/win3zz/c7eda501edcf5383df32fabe00938d13",
"source": "cve@mitre.org"
}
]
}


@ -2,19 +2,78 @@
"id": "CVE-2023-43898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.440",
"lastModified": "2023-10-03T23:55:59.983",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:23:15.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Nothings stb 2.28 conten\u00eda un Null Pointer Dereference a trav\u00e9s de la funci\u00f3n stbi__convert_format. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo de imagen manipulado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nothings:stb:2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "C8487896-B935-422E-AFC5-0A6634B929D0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/peccc/null-stb",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-4354",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-15T18:15:11.763",
"lastModified": "2023-08-27T03:15:15.437",
"lastModified": "2023-10-05T18:15:12.923",
"vulnStatus": "Modified",
"descriptions": [
{
@ -90,6 +90,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174949/Chrome-SKIA-Integer-Overflow.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com",
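Review bot: The reference added at the head of `references` is a plain `http://` Packet Storm link with no `tags` array, unlike tagged entries elsewhere in this commit (for example `"tags": ["Exploit"]` on the CVE-2023-43898 reference). The file name in the URL suggests a public write-up of the bug, which would normally raise patch priority, but tooling that filters references by tag will not see it. The same untagged `http://` pattern is added to the CVE-2023-4355 and CVE-2023-4427 records. Consumers that fetch reference URLs automatically should request the `https://` form where the host offers it; the object following the added entry continues past the hunk.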


@ -2,7 +2,7 @@
"id": "CVE-2023-4355",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-15T18:15:11.923",
"lastModified": "2023-08-27T03:15:15.753",
"lastModified": "2023-10-05T18:15:13.017",
"vulnStatus": "Modified",
"descriptions": [
{
@ -90,6 +90,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174950/Chrome-Dangling-FixedArray-Pointers-Memory-Corruption.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop_15.html",
"source": "chrome-cve-admin@google.com",


@ -2,15 +2,41 @@
"id": "CVE-2023-44208",
"sourceIdentifier": "security@acronis.com",
"published": "2023-10-04T12:15:10.670",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:14:38.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713."
},
{
"lang": "es",
"value": "Divulgaci\u00f3n y manipulaci\u00f3n de informaci\u00f3n sensible por falta de autorizaci\u00f3n. Los siguientes productos se ven afectados: Acronis Cyber Protect Home Office (Windows) anterior a la compilaci\u00f3n 40713."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +61,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +82,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect_home_office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "40713",
"matchCriteriaId": "106FDA99-8B08-4FC5-A0B8-17EC5EADB5A7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-6587",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -0,0 +1,71 @@
{
"id": "CVE-2023-44386",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-05T18:15:12.667",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vapor is an HTTP web framework for Swift. There is a denial of service vulnerability impacting all users of affected versions of Vapor. The HTTP1 error handler closed connections when HTTP parse errors occur instead of passing them on. The issue is fixed as of Vapor release 4.84.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-231"
},
{
"lang": "en",
"value": "CWE-617"
},
{
"lang": "en",
"value": "CWE-696"
}
]
}
],
"references": [
{
"url": "https://github.com/vapor/vapor/commit/090464a654b03148b139a81f8f5ac63b0856f6f3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vapor/vapor/releases/tag/4.84.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vapor/vapor/security/advisories/GHSA-3mwq-h3g6-ffhm",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,67 @@
{
"id": "CVE-2023-44387",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-05T18:15:12.787",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to files having too much permissions given that symlinks usually are world readable and writeable. While it is unlikely this results in a direct vulnerability for the impacted build, it may open up attack vectors depending on where build artifacts end up being copied to or un-archived. In versions 7.6.3, 8.4 and above, Gradle will now properly use the permissions of the file pointed at by the symlink to set permissions of the copied or archived file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.2,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"references": [
{
"url": "https://github.com/gradle/gradle/commit/3b406191e24d69e7e42dc3f3b5cc50625aa930b7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/gradle/gradle/releases/tag/v7.6.3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/gradle/gradle/releases/tag/v8.4.0",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/gradle/gradle/security/advisories/GHSA-43r3-pqhv-f7h9",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4401",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-10-05T18:15:13.087",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell SmartFabric Storage Software v1.4 (and earlier) contains an OS Command Injection Vulnerability in the CLI use of the \u2018more\u2019 command. A local or remote authenticated attacker could potentially exploit this vulnerability, leading to the ability to gain root-level access.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000218107/dsa-2023-347-dell-smartfabric-storage-software-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-4427",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-23T00:15:09.073",
"lastModified": "2023-09-21T03:15:11.213",
"lastModified": "2023-10-05T18:15:13.177",
"vulnStatus": "Modified",
"descriptions": [
{
@ -69,6 +69,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174951/Chrome-ReduceJSLoadPropertyWithEnumeratedKey-Out-Of-Bounds-Access.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html",
"source": "chrome-cve-admin@google.com",


@ -0,0 +1,24 @@
{
"id": "CVE-2023-5346",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-05T18:15:13.270",
"lastModified": "2023-10-05T19:13:42.317",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1485829",
"source": "chrome-cve-admin@google.com"
}
]
}


@ -2,19 +2,43 @@
"id": "CVE-2023-5357",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-04T02:15:10.163",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-05T18:23:35.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Instagram for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Instagram de WordPress para WordPress es vulnerable a Cross-Site Scripting (XSS) a trav\u00e9s de shortcodes en versiones hasta la 2.1.6 incluida debido a una sanitizaci\u00f3n de entrada y a un escape de salida en los atributos proporcionados por el usuario insuficientes. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -46,14 +70,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ink361:instagram_for_wordpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.6",
"matchCriteriaId": "0334BBCB-DFCE-44E5-9412-8F4EDE1C552A"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/instagram-for-wordpress/tags/2.1.6/templates/instagramPost.php#L12",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3991d8d0-57a8-42e7-a53c-97508f7e137f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5373",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-04T13:15:26.433",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:12:03.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241254 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en SourceCodester Online Computer and Laptop Store 1.0 y clasificada como cr\u00edtica. La funci\u00f3n registro del archivo Master.php es afectada por la vulnerabilidad. La manipulaci\u00f3n del argumento email conduce a la inyecci\u00f3n de SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-241254 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +87,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +95,59 @@
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Szlllc/Cve/blob/main/Computer%20and%20Laptop%20Store%20System%20Master.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241254",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241254",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5374",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-04T14:15:11.123",
"lastModified": "2023-10-04T14:16:47.647",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-05T18:24:56.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241255."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en SourceCodester Online Computer and Laptop Store 1.0 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo productos.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento c conduce a la inyecci\u00f3n de SQL. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-241255."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "284E8925-2C48-4D47-9A9E-67D70F61CB61"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/Engineers-Online-Portal-System/blob/main/Computer%20and%20Laptop%20Store%20System%20products.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.241255",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.241255",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -2,15 +2,41 @@
"id": "CVE-2023-5375",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-04T09:15:31.980",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-05T18:26:45.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2."
},
{
"lang": "es",
"value": "Abrir redireccionamiento en el repositorio de GitHub mosparo/mosparo antes de 1.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +72,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mosparo:mosparo:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "DDD7A17B-8772-4955-9D6B-3CAB8CF4D41F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mosparo/mosparo/commit/9d5da367b78b8c883bfef5f332ffea26292f99e8",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://huntr.dev/bounties/3fa2abde-cb58-45a3-a115-1727ece9acb9",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

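--- /dev/null
+++ b/CVE-2023/CVE-2023-54xx/CVE-2023-5423.json
@@ -0,0 +1,84 @@
+{
+"id": "CVE-2023-5423",
+"sourceIdentifier": "cna@vuldb.com",
+"published": "2023-10-05T18:15:13.330",
+"lastModified": "2023-10-05T19:13:42.317",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirm_order. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The identifier of this vulnerability is VDB-241384."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "HIGH",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "LOW",
+"baseScore": 4.7,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 1.2,
+"impactScore": 3.4
+}
+],
+"cvssMetricV2": [
+{
+"source": "cna@vuldb.com",
+"type": "Secondary",
+"cvssData": {
+"version": "2.0",
+"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
+"accessVector": "NETWORK",
+"accessComplexity": "LOW",
+"authentication": "MULTIPLE",
+"confidentialityImpact": "PARTIAL",
+"integrityImpact": "PARTIAL",
+"availabilityImpact": "PARTIAL",
+"baseScore": 5.8
+},
+"baseSeverity": "MEDIUM",
+"exploitabilityScore": 6.4,
+"impactScore": 6.4,
+"acInsufInfo": false,
+"obtainAllPrivilege": false,
+"obtainUserPrivilege": false,
+"obtainOtherPrivilege": false,
+"userInteractionRequired": false
+}
+]
+},
+"weaknesses": [
+{
+"source": "cna@vuldb.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-89"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://vuldb.com/?ctiid.241384",
+"source": "cna@vuldb.com"
+},
+{
+"url": "https://vuldb.com/?id.241384",
+"source": "cna@vuldb.com"
+}
+]
+}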


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-05T18:01:45.342648+00:00
2023-10-05T20:01:33.228399+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-05T17:39:30.237000+00:00
2023-10-05T19:15:11.573000+00:00
```
### Last Data Feed Release
@ -29,59 +29,61 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
227049
227066
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `17`
* [CVE-2023-44828](CVE-2023/CVE-2023-448xx/CVE-2023-44828.json) (`2023-10-05T16:15:11.550`)
* [CVE-2023-44829](CVE-2023/CVE-2023-448xx/CVE-2023-44829.json) (`2023-10-05T16:15:11.610`)
* [CVE-2023-44830](CVE-2023/CVE-2023-448xx/CVE-2023-44830.json) (`2023-10-05T16:15:11.657`)
* [CVE-2023-44831](CVE-2023/CVE-2023-448xx/CVE-2023-44831.json) (`2023-10-05T16:15:11.700`)
* [CVE-2023-44832](CVE-2023/CVE-2023-448xx/CVE-2023-44832.json) (`2023-10-05T16:15:11.753`)
* [CVE-2023-44833](CVE-2023/CVE-2023-448xx/CVE-2023-44833.json) (`2023-10-05T16:15:11.807`)
* [CVE-2023-44834](CVE-2023/CVE-2023-448xx/CVE-2023-44834.json) (`2023-10-05T16:15:11.863`)
* [CVE-2023-44835](CVE-2023/CVE-2023-448xx/CVE-2023-44835.json) (`2023-10-05T16:15:11.917`)
* [CVE-2023-44836](CVE-2023/CVE-2023-448xx/CVE-2023-44836.json) (`2023-10-05T16:15:11.973`)
* [CVE-2023-44837](CVE-2023/CVE-2023-448xx/CVE-2023-44837.json) (`2023-10-05T16:15:12.020`)
* [CVE-2023-44838](CVE-2023/CVE-2023-448xx/CVE-2023-44838.json) (`2023-10-05T16:15:12.067`)
* [CVE-2023-44839](CVE-2023/CVE-2023-448xx/CVE-2023-44839.json) (`2023-10-05T16:15:12.117`)
* [CVE-2023-45160](CVE-2023/CVE-2023-451xx/CVE-2023-45160.json) (`2023-10-05T16:15:12.167`)
* [CVE-2023-4570](CVE-2023/CVE-2023-45xx/CVE-2023-4570.json) (`2023-10-05T16:15:12.357`)
* [CVE-2023-2306](CVE-2023/CVE-2023-23xx/CVE-2023-2306.json) (`2023-10-05T17:15:11.373`)
* [CVE-2023-43068](CVE-2023/CVE-2023-430xx/CVE-2023-43068.json) (`2023-10-05T18:15:12.027`)
* [CVE-2023-43069](CVE-2023/CVE-2023-430xx/CVE-2023-43069.json) (`2023-10-05T18:15:12.140`)
* [CVE-2023-43070](CVE-2023/CVE-2023-430xx/CVE-2023-43070.json) (`2023-10-05T18:15:12.240`)
* [CVE-2023-43071](CVE-2023/CVE-2023-430xx/CVE-2023-43071.json) (`2023-10-05T18:15:12.347`)
* [CVE-2023-43072](CVE-2023/CVE-2023-430xx/CVE-2023-43072.json) (`2023-10-05T18:15:12.463`)
* [CVE-2023-43073](CVE-2023/CVE-2023-430xx/CVE-2023-43073.json) (`2023-10-05T18:15:12.563`)
* [CVE-2023-44386](CVE-2023/CVE-2023-443xx/CVE-2023-44386.json) (`2023-10-05T18:15:12.667`)
* [CVE-2023-44387](CVE-2023/CVE-2023-443xx/CVE-2023-44387.json) (`2023-10-05T18:15:12.787`)
* [CVE-2023-4401](CVE-2023/CVE-2023-44xx/CVE-2023-4401.json) (`2023-10-05T18:15:13.087`)
* [CVE-2023-5346](CVE-2023/CVE-2023-53xx/CVE-2023-5346.json) (`2023-10-05T18:15:13.270`)
* [CVE-2023-5423](CVE-2023/CVE-2023-54xx/CVE-2023-5423.json) (`2023-10-05T18:15:13.330`)
* [CVE-2023-32485](CVE-2023/CVE-2023-324xx/CVE-2023-32485.json) (`2023-10-05T19:15:11.163`)
* [CVE-2023-40745](CVE-2023/CVE-2023-407xx/CVE-2023-40745.json) (`2023-10-05T19:15:11.260`)
* [CVE-2023-41175](CVE-2023/CVE-2023-411xx/CVE-2023-41175.json) (`2023-10-05T19:15:11.340`)
* [CVE-2023-42754](CVE-2023/CVE-2023-427xx/CVE-2023-42754.json) (`2023-10-05T19:15:11.413`)
* [CVE-2023-42755](CVE-2023/CVE-2023-427xx/CVE-2023-42755.json) (`2023-10-05T19:15:11.497`)
* [CVE-2023-43260](CVE-2023/CVE-2023-432xx/CVE-2023-43260.json) (`2023-10-05T19:15:11.573`)
### CVEs modified in the last Commit
Recently modified CVEs: `33`
Recently modified CVEs: `29`
* [CVE-2023-39989](CVE-2023/CVE-2023-399xx/CVE-2023-39989.json) (`2023-10-05T16:22:06.307`)
* [CVE-2023-44390](CVE-2023/CVE-2023-443xx/CVE-2023-44390.json) (`2023-10-05T16:22:20.787`)
* [CVE-2023-22648](CVE-2023/CVE-2023-226xx/CVE-2023-22648.json) (`2023-10-05T16:27:57.587`)
* [CVE-2023-22647](CVE-2023/CVE-2023-226xx/CVE-2023-22647.json) (`2023-10-05T16:28:13.250`)
* [CVE-2023-2681](CVE-2023/CVE-2023-26xx/CVE-2023-2681.json) (`2023-10-05T16:43:37.583`)
* [CVE-2023-43176](CVE-2023/CVE-2023-431xx/CVE-2023-43176.json) (`2023-10-05T16:47:03.923`)
* [CVE-2023-40519](CVE-2023/CVE-2023-405xx/CVE-2023-40519.json) (`2023-10-05T16:48:09.507`)
* [CVE-2023-5255](CVE-2023/CVE-2023-52xx/CVE-2023-5255.json) (`2023-10-05T16:48:26.820`)
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-10-05T16:51:14.533`)
* [CVE-2023-4732](CVE-2023/CVE-2023-47xx/CVE-2023-4732.json) (`2023-10-05T16:58:45.243`)
* [CVE-2023-34970](CVE-2023/CVE-2023-349xx/CVE-2023-34970.json) (`2023-10-05T16:59:07.947`)
* [CVE-2023-33200](CVE-2023/CVE-2023-332xx/CVE-2023-33200.json) (`2023-10-05T17:01:00.040`)
* [CVE-2023-3361](CVE-2023/CVE-2023-33xx/CVE-2023-3361.json) (`2023-10-05T17:01:42.423`)
* [CVE-2023-3038](CVE-2023/CVE-2023-30xx/CVE-2023-3038.json) (`2023-10-05T17:02:04.223`)
* [CVE-2023-3037](CVE-2023/CVE-2023-30xx/CVE-2023-3037.json) (`2023-10-05T17:02:55.337`)
* [CVE-2023-4997](CVE-2023/CVE-2023-49xx/CVE-2023-4997.json) (`2023-10-05T17:04:09.880`)
* [CVE-2023-3701](CVE-2023/CVE-2023-37xx/CVE-2023-3701.json) (`2023-10-05T17:04:18.250`)
* [CVE-2023-37995](CVE-2023/CVE-2023-379xx/CVE-2023-37995.json) (`2023-10-05T17:04:25.617`)
* [CVE-2023-3512](CVE-2023/CVE-2023-35xx/CVE-2023-3512.json) (`2023-10-05T17:04:39.053`)
* [CVE-2023-2809](CVE-2023/CVE-2023-28xx/CVE-2023-2809.json) (`2023-10-05T17:06:16.657`)
* [CVE-2023-25980](CVE-2023/CVE-2023-259xx/CVE-2023-25980.json) (`2023-10-05T17:06:25.153`)
* [CVE-2023-25788](CVE-2023/CVE-2023-257xx/CVE-2023-25788.json) (`2023-10-05T17:06:48.483`)
* [CVE-2023-5377](CVE-2023/CVE-2023-53xx/CVE-2023-5377.json) (`2023-10-05T17:07:40.813`)
* [CVE-2023-5368](CVE-2023/CVE-2023-53xx/CVE-2023-5368.json) (`2023-10-05T17:08:04.260`)
* [CVE-2023-20109](CVE-2023/CVE-2023-201xx/CVE-2023-20109.json) (`2023-10-05T17:39:30.237`)
* [CVE-2023-27433](CVE-2023/CVE-2023-274xx/CVE-2023-27433.json) (`2023-10-05T18:10:37.703`)
* [CVE-2023-25025](CVE-2023/CVE-2023-250xx/CVE-2023-25025.json) (`2023-10-05T18:10:51.417`)
* [CVE-2023-5373](CVE-2023/CVE-2023-53xx/CVE-2023-5373.json) (`2023-10-05T18:12:03.847`)
* [CVE-2023-4090](CVE-2023/CVE-2023-40xx/CVE-2023-4090.json) (`2023-10-05T18:12:19.200`)
* [CVE-2023-4037](CVE-2023/CVE-2023-40xx/CVE-2023-4037.json) (`2023-10-05T18:12:37.073`)
* [CVE-2023-44208](CVE-2023/CVE-2023-442xx/CVE-2023-44208.json) (`2023-10-05T18:14:38.207`)
* [CVE-2023-30736](CVE-2023/CVE-2023-307xx/CVE-2023-30736.json) (`2023-10-05T18:15:11.427`)
* [CVE-2023-0330](CVE-2023/CVE-2023-03xx/CVE-2023-0330.json) (`2023-10-05T18:15:11.690`)
* [CVE-2023-3180](CVE-2023/CVE-2023-31xx/CVE-2023-3180.json) (`2023-10-05T18:15:11.830`)
* [CVE-2023-42331](CVE-2023/CVE-2023-423xx/CVE-2023-42331.json) (`2023-10-05T18:15:11.930`)
* [CVE-2023-4354](CVE-2023/CVE-2023-43xx/CVE-2023-4354.json) (`2023-10-05T18:15:12.923`)
* [CVE-2023-4355](CVE-2023/CVE-2023-43xx/CVE-2023-4355.json) (`2023-10-05T18:15:13.017`)
* [CVE-2023-4427](CVE-2023/CVE-2023-44xx/CVE-2023-4427.json) (`2023-10-05T18:15:13.177`)
* [CVE-2023-43898](CVE-2023/CVE-2023-438xx/CVE-2023-43898.json) (`2023-10-05T18:23:15.117`)
* [CVE-2023-40559](CVE-2023/CVE-2023-405xx/CVE-2023-40559.json) (`2023-10-05T18:23:25.127`)
* [CVE-2023-5357](CVE-2023/CVE-2023-53xx/CVE-2023-5357.json) (`2023-10-05T18:23:35.933`)
* [CVE-2023-5374](CVE-2023/CVE-2023-53xx/CVE-2023-5374.json) (`2023-10-05T18:24:56.450`)
* [CVE-2023-5375](CVE-2023/CVE-2023-53xx/CVE-2023-5375.json) (`2023-10-05T18:26:45.907`)
* [CVE-2023-30733](CVE-2023/CVE-2023-307xx/CVE-2023-30733.json) (`2023-10-05T18:33:04.763`)
* [CVE-2023-30738](CVE-2023/CVE-2023-307xx/CVE-2023-30738.json) (`2023-10-05T18:33:07.273`)
* [CVE-2023-30732](CVE-2023/CVE-2023-307xx/CVE-2023-30732.json) (`2023-10-05T19:07:11.443`)
* [CVE-2023-30731](CVE-2023/CVE-2023-307xx/CVE-2023-30731.json) (`2023-10-05T19:10:57.843`)
* [CVE-2023-30727](CVE-2023/CVE-2023-307xx/CVE-2023-30727.json) (`2023-10-05T19:11:49.360`)
* [CVE-2023-2306](CVE-2023/CVE-2023-23xx/CVE-2023-2306.json) (`2023-10-05T19:13:42.317`)
* [CVE-2023-30692](CVE-2023/CVE-2023-306xx/CVE-2023-30692.json) (`2023-10-05T19:14:49.637`)
## Download and Usage