diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20193.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20193.json new file mode 100644 index 00000000000..11693e4b1f3 --- /dev/null +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20193.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-20193", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2023-09-07T20:15:07.473", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20194.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20194.json new file mode 100644 index 00000000000..b8cd2279733 --- /dev/null +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20194.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-20194", + "sourceIdentifier": "ykramarz@cisco.com", + "published": "2023-09-07T20:15:07.593", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ykramarz@cisco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw", + "source": "ykramarz@cisco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37798.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37798.json index 9ba55d7f9a3..ef4e4192acb 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37798.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37798.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37798", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-07T19:15:47.510", - "lastModified": "2023-09-07T19:15:47.510", - "vulnStatus": "Received", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39979.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39979.json index ce5123225d3..768734e32c2 100644 --- a/CVE-2023/CVE-2023-399xx/CVE-2023-39979.json +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39979.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39979", "sourceIdentifier": "psirt@moxa.com", "published": "2023-09-02T13:15:44.733", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-07T20:16:28.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-330" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.1.0", + "matchCriteriaId": "7714E640-769C-40AB-AE67-67EF9442FD5C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39980.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39980.json index 3de4f2c8a11..5f3d5aaca46 100644 --- a/CVE-2023/CVE-2023-399xx/CVE-2023-39980.json +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39980.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39980", "sourceIdentifier": "psirt@moxa.com", "published": "2023-09-02T13:15:45.173", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-07T20:29:10.830", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.0.1", + "matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39981.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39981.json index f28af7c3850..df2d4c9a340 100644 --- a/CVE-2023/CVE-2023-399xx/CVE-2023-39981.json +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39981.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39981", "sourceIdentifier": "psirt@moxa.com", "published": "2023-09-02T13:15:45.257", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-07T20:38:42.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.0.1", + "matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41061.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41061.json index cabd6a050c7..0ccc211349f 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41061.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41061.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41061", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-07T18:15:07.617", - "lastModified": "2023-09-07T19:15:47.803", - "vulnStatus": "Received", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41064.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41064.json index 88ddb858c57..4dad9b62c61 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41064.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41064.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41064", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-07T18:15:07.727", - "lastModified": "2023-09-07T19:15:48.070", - "vulnStatus": "Received", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-413xx/CVE-2023-41316.json b/CVE-2023/CVE-2023-413xx/CVE-2023-41316.json new file mode 100644 index 00000000000..72f53e75f69 --- /dev/null +++ b/CVE-2023/CVE-2023-413xx/CVE-2023-41316.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-41316", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-09-07T20:15:07.677", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/tolgee/tolgee-platform/commit/bab718b1c9b3e90327bfb10d27b9799996e5c35b", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-gx3w-rwh5-w5cg", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4528.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4528.json index 63a75ff8806..9dea45d2567 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4528.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4528.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4528", "sourceIdentifier": "cve@rapid7.con", "published": "2023-09-07T18:15:07.797", - "lastModified": "2023-09-07T18:15:07.797", - "vulnStatus": "Received", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4647.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4647.json index 6a0c00b686c..6b1b3dd7809 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4647.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4647.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4647", "sourceIdentifier": "cve@gitlab.com", "published": "2023-09-01T11:15:43.363", - "lastModified": "2023-09-01T11:47:43.290", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-07T20:02:15.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "cve@gitlab.com", "type": "Secondary", @@ -46,10 +76,63 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "15.2.0", + "versionEndExcluding": "16.1.5", + "matchCriteriaId": "0BB62198-2175-4319-9754-A55F5AA20EDD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "15.2.0", + "versionEndExcluding": "16.1.5", + "matchCriteriaId": "8EBBBC86-4F64-4EAB-AF11-5552ED8FD0F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", + "versionStartIncluding": "16.2", + "versionEndExcluding": "16.2.5", + "matchCriteriaId": "18116007-7452-495F-80A1-39499882656E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", + "versionStartIncluding": "16.2", + "versionEndExcluding": "16.2.5", + "matchCriteriaId": "4E03E8BA-63C8-47D5-B5A1-26DF199E1F65" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*", + "matchCriteriaId": "EE9B8DE8-9990-494B-BDBE-F867DDBB9D57" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*", + "matchCriteriaId": "08D6B555-39B6-493D-8460-3DC998BAF651" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414502", - "source": "cve@gitlab.com" + "source": "cve@gitlab.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4685.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4685.json index a3aef2463d5..a1b37fd5ff0 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4685.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4685.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4685", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-09-07T18:15:07.883", - "lastModified": "2023-09-07T18:15:07.883", - "vulnStatus": "Received", + "lastModified": "2023-09-07T20:17:06.860", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4718.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4718.json index cbc5eea3445..e68c7a0a4cb 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4718.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4718.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4718", "sourceIdentifier": "security@wordfence.com", "published": "2023-09-02T04:15:09.933", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-07T20:12:06.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,20 +64,57 @@ "value": "CWE-79" } ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:newnine:font_awesome_4_menus:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.7.0", + "matchCriteriaId": "C72960B8-CAEB-4DF6-8FCA-76EA3847B8E9" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L197", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L214", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc59510c-6eaf-4526-8acb-c07e39923ad9?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 213eaae8054..76921dcdebb 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-07T20:00:25.590602+00:00 +2023-09-07T22:00:25.505475+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-07T19:53:27.870000+00:00 +2023-09-07T20:38:42.433000+00:00 ``` ### Last Data Feed Release @@ -29,49 +29,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224479 +224482 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `3` -* [CVE-2023-4528](CVE-2023/CVE-2023-45xx/CVE-2023-4528.json) (`2023-09-07T18:15:07.797`) -* [CVE-2023-4685](CVE-2023/CVE-2023-46xx/CVE-2023-4685.json) (`2023-09-07T18:15:07.883`) -* [CVE-2023-37798](CVE-2023/CVE-2023-377xx/CVE-2023-37798.json) (`2023-09-07T19:15:47.510`) -* [CVE-2023-41061](CVE-2023/CVE-2023-410xx/CVE-2023-41061.json) (`2023-09-07T18:15:07.617`) -* [CVE-2023-41064](CVE-2023/CVE-2023-410xx/CVE-2023-41064.json) (`2023-09-07T18:15:07.727`) +* [CVE-2023-20193](CVE-2023/CVE-2023-201xx/CVE-2023-20193.json) (`2023-09-07T20:15:07.473`) +* [CVE-2023-20194](CVE-2023/CVE-2023-201xx/CVE-2023-20194.json) (`2023-09-07T20:15:07.593`) +* [CVE-2023-41316](CVE-2023/CVE-2023-413xx/CVE-2023-41316.json) (`2023-09-07T20:15:07.677`) ### CVEs modified in the last Commit -Recently modified CVEs: `55` +Recently modified CVEs: `10` -* [CVE-2023-32810](CVE-2023/CVE-2023-328xx/CVE-2023-32810.json) (`2023-09-07T19:12:56.850`) -* [CVE-2023-32811](CVE-2023/CVE-2023-328xx/CVE-2023-32811.json) (`2023-09-07T19:13:05.170`) -* [CVE-2023-20826](CVE-2023/CVE-2023-208xx/CVE-2023-20826.json) (`2023-09-07T19:13:15.787`) -* [CVE-2023-20827](CVE-2023/CVE-2023-208xx/CVE-2023-20827.json) (`2023-09-07T19:13:24.850`) -* [CVE-2023-20828](CVE-2023/CVE-2023-208xx/CVE-2023-20828.json) (`2023-09-07T19:13:33.270`) -* [CVE-2023-20835](CVE-2023/CVE-2023-208xx/CVE-2023-20835.json) (`2023-09-07T19:13:46.380`) -* [CVE-2023-20825](CVE-2023/CVE-2023-208xx/CVE-2023-20825.json) (`2023-09-07T19:14:16.880`) -* [CVE-2023-20822](CVE-2023/CVE-2023-208xx/CVE-2023-20822.json) (`2023-09-07T19:14:27.697`) -* [CVE-2023-20821](CVE-2023/CVE-2023-208xx/CVE-2023-20821.json) (`2023-09-07T19:14:35.620`) -* [CVE-2023-20836](CVE-2023/CVE-2023-208xx/CVE-2023-20836.json) (`2023-09-07T19:14:40.490`) -* [CVE-2023-20820](CVE-2023/CVE-2023-208xx/CVE-2023-20820.json) (`2023-09-07T19:14:49.727`) -* [CVE-2023-38283](CVE-2023/CVE-2023-382xx/CVE-2023-38283.json) (`2023-09-07T19:15:12.473`) -* [CVE-2023-4710](CVE-2023/CVE-2023-47xx/CVE-2023-4710.json) (`2023-09-07T19:16:32.170`) -* [CVE-2023-41051](CVE-2023/CVE-2023-410xx/CVE-2023-41051.json) (`2023-09-07T19:19:19.957`) -* [CVE-2023-41046](CVE-2023/CVE-2023-410xx/CVE-2023-41046.json) (`2023-09-07T19:20:17.653`) -* [CVE-2023-4711](CVE-2023/CVE-2023-47xx/CVE-2023-4711.json) (`2023-09-07T19:21:02.327`) -* [CVE-2023-4712](CVE-2023/CVE-2023-47xx/CVE-2023-4712.json) (`2023-09-07T19:21:25.680`) -* [CVE-2023-4713](CVE-2023/CVE-2023-47xx/CVE-2023-4713.json) (`2023-09-07T19:22:48.413`) -* [CVE-2023-4714](CVE-2023/CVE-2023-47xx/CVE-2023-4714.json) (`2023-09-07T19:23:35.707`) -* [CVE-2023-3297](CVE-2023/CVE-2023-32xx/CVE-2023-3297.json) (`2023-09-07T19:24:36.467`) -* [CVE-2023-31167](CVE-2023/CVE-2023-311xx/CVE-2023-31167.json) (`2023-09-07T19:26:11.297`) -* [CVE-2023-4778](CVE-2023/CVE-2023-47xx/CVE-2023-4778.json) (`2023-09-07T19:34:34.170`) -* [CVE-2023-20897](CVE-2023/CVE-2023-208xx/CVE-2023-20897.json) (`2023-09-07T19:40:05.767`) -* [CVE-2023-4709](CVE-2023/CVE-2023-47xx/CVE-2023-4709.json) (`2023-09-07T19:43:43.600`) -* [CVE-2023-23763](CVE-2023/CVE-2023-237xx/CVE-2023-23763.json) (`2023-09-07T19:53:27.870`) +* [CVE-2023-4647](CVE-2023/CVE-2023-46xx/CVE-2023-4647.json) (`2023-09-07T20:02:15.837`) +* [CVE-2023-4718](CVE-2023/CVE-2023-47xx/CVE-2023-4718.json) (`2023-09-07T20:12:06.297`) +* [CVE-2023-39979](CVE-2023/CVE-2023-399xx/CVE-2023-39979.json) (`2023-09-07T20:16:28.350`) +* [CVE-2023-41061](CVE-2023/CVE-2023-410xx/CVE-2023-41061.json) (`2023-09-07T20:17:06.860`) +* [CVE-2023-41064](CVE-2023/CVE-2023-410xx/CVE-2023-41064.json) (`2023-09-07T20:17:06.860`) +* [CVE-2023-4528](CVE-2023/CVE-2023-45xx/CVE-2023-4528.json) (`2023-09-07T20:17:06.860`) +* [CVE-2023-4685](CVE-2023/CVE-2023-46xx/CVE-2023-4685.json) (`2023-09-07T20:17:06.860`) +* [CVE-2023-37798](CVE-2023/CVE-2023-377xx/CVE-2023-37798.json) (`2023-09-07T20:17:06.860`) +* [CVE-2023-39980](CVE-2023/CVE-2023-399xx/CVE-2023-39980.json) (`2023-09-07T20:29:10.830`) +* [CVE-2023-39981](CVE-2023/CVE-2023-399xx/CVE-2023-39981.json) (`2023-09-07T20:38:42.433`) ## Download and Usage