admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-07T22:00:25.505475+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-07 22:00:29 +00:00
parent 591d13ec92
commit 1bc92ac3cf
14 changed files with 491 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
CVE-2023/CVE-2023-201xx/CVE-2023-20193.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20193",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-07T20:15:07.473",
"lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw",
"source": "ykramarz@cisco.com"
}
]
}

43
CVE-2023/CVE-2023-201xx/CVE-2023-20194.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20194",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-07T20:15:07.593",
"lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw",
"source": "ykramarz@cisco.com"
}
]
}

4
CVE-2023/CVE-2023-377xx/CVE-2023-37798.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37798", "id": "CVE-2023-37798",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-07T19:15:47.510", "published": "2023-09-07T19:15:47.510",
"lastModified": "2023-09-07T19:15:47.510", "lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

61
CVE-2023/CVE-2023-399xx/CVE-2023-39979.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39979", "id": "CVE-2023-39979",
"sourceIdentifier": "psirt@moxa.com", "sourceIdentifier": "psirt@moxa.com",
"published": "2023-09-02T13:15:44.733", "published": "2023-09-02T13:15:44.733",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-07T20:16:28.350",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", "nodes": [
"source": "psirt@moxa.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.0",
"matchCriteriaId": "7714E640-769C-40AB-AE67-67EF9442FD5C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities",
"source": "psirt@moxa.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

62
CVE-2023/CVE-2023-399xx/CVE-2023-39980.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39980", "id": "CVE-2023-39980",
"sourceIdentifier": "psirt@moxa.com", "sourceIdentifier": "psirt@moxa.com",
"published": "2023-09-02T13:15:45.173", "published": "2023-09-02T13:15:45.173",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-07T20:29:10.830",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", "nodes": [
"source": "psirt@moxa.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities",
"source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

62
CVE-2023/CVE-2023-399xx/CVE-2023-39981.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39981", "id": "CVE-2023-39981",
"sourceIdentifier": "psirt@moxa.com", "sourceIdentifier": "psirt@moxa.com",
"published": "2023-09-02T13:15:45.257", "published": "2023-09-02T13:15:45.257",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-07T20:38:42.433",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", "nodes": [
"source": "psirt@moxa.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities",
"source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-410xx/CVE-2023-41061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41061", "id": "CVE-2023-41061",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-07T18:15:07.617", "published": "2023-09-07T18:15:07.617",
"lastModified": "2023-09-07T19:15:47.803", "lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-410xx/CVE-2023-41064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41064", "id": "CVE-2023-41064",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-07T18:15:07.727", "published": "2023-09-07T18:15:07.727",
"lastModified": "2023-09-07T19:15:48.070", "lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

63
CVE-2023/CVE-2023-413xx/CVE-2023-41316.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-41316",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-07T20:15:07.677",
"lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/tolgee/tolgee-platform/commit/bab718b1c9b3e90327bfb10d27b9799996e5c35b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-gx3w-rwh5-w5cg",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2023/CVE-2023-45xx/CVE-2023-4528.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4528", "id": "CVE-2023-4528",
"sourceIdentifier": "cve@rapid7.con", "sourceIdentifier": "cve@rapid7.con",
"published": "2023-09-07T18:15:07.797", "published": "2023-09-07T18:15:07.797",
"lastModified": "2023-09-07T18:15:07.797", "lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

93
CVE-2023/CVE-2023-46xx/CVE-2023-4647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4647", "id": "CVE-2023-4647",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-01T11:15:43.363", "published": "2023-09-01T11:15:43.363",
"lastModified": "2023-09-01T11:47:43.290", "lastModified": "2023-09-07T20:02:15.837",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "cve@gitlab.com", "source": "cve@gitlab.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{ {
"source": "cve@gitlab.com", "source": "cve@gitlab.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,63 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414502", "nodes": [
"source": "cve@gitlab.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "15.2.0",
"versionEndExcluding": "16.1.5",
"matchCriteriaId": "0BB62198-2175-4319-9754-A55F5AA20EDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "15.2.0",
"versionEndExcluding": "16.1.5",
"matchCriteriaId": "8EBBBC86-4F64-4EAB-AF11-5552ED8FD0F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.2",
"versionEndExcluding": "16.2.5",
"matchCriteriaId": "18116007-7452-495F-80A1-39499882656E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.2",
"versionEndExcluding": "16.2.5",
"matchCriteriaId": "4E03E8BA-63C8-47D5-B5A1-26DF199E1F65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*",
"matchCriteriaId": "EE9B8DE8-9990-494B-BDBE-F867DDBB9D57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "08D6B555-39B6-493D-8460-3DC998BAF651"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/414502",
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-46xx/CVE-2023-4685.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4685", "id": "CVE-2023-4685",
"sourceIdentifier": "ics-cert@hq.dhs.gov", "sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-09-07T18:15:07.883", "published": "2023-09-07T18:15:07.883",
"lastModified": "2023-09-07T18:15:07.883", "lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

83
CVE-2023/CVE-2023-47xx/CVE-2023-4718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4718", "id": "CVE-2023-4718",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-09-02T04:15:09.933", "published": "2023-09-02T04:15:09.933",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-07T20:12:06.297",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,20 +64,57 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L197", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L214", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc59510c-6eaf-4526-8acb-c07e39923ad9?source=cve", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:newnine:font_awesome_4_menus:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.7.0",
"matchCriteriaId": "C72960B8-CAEB-4DF6-8FCA-76EA3847B8E9"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L197",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L214",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc59510c-6eaf-4526-8acb-c07e39923ad9?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

53
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-09-07T20:00:25.590602+00:00 2023-09-07T22:00:25.505475+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-09-07T19:53:27.870000+00:00 2023-09-07T20:38:42.433000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,49 +29,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
224479 224482
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `5` Recently added CVEs: `3`
* [CVE-2023-4528](CVE-2023/CVE-2023-45xx/CVE-2023-4528.json) (`2023-09-07T18:15:07.797`) * [CVE-2023-20193](CVE-2023/CVE-2023-201xx/CVE-2023-20193.json) (`2023-09-07T20:15:07.473`)
* [CVE-2023-4685](CVE-2023/CVE-2023-46xx/CVE-2023-4685.json) (`2023-09-07T18:15:07.883`) * [CVE-2023-20194](CVE-2023/CVE-2023-201xx/CVE-2023-20194.json) (`2023-09-07T20:15:07.593`)
* [CVE-2023-37798](CVE-2023/CVE-2023-377xx/CVE-2023-37798.json) (`2023-09-07T19:15:47.510`) * [CVE-2023-41316](CVE-2023/CVE-2023-413xx/CVE-2023-41316.json) (`2023-09-07T20:15:07.677`)
* [CVE-2023-41061](CVE-2023/CVE-2023-410xx/CVE-2023-41061.json) (`2023-09-07T18:15:07.617`)
* [CVE-2023-41064](CVE-2023/CVE-2023-410xx/CVE-2023-41064.json) (`2023-09-07T18:15:07.727`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `55` Recently modified CVEs: `10`
* [CVE-2023-32810](CVE-2023/CVE-2023-328xx/CVE-2023-32810.json) (`2023-09-07T19:12:56.850`) * [CVE-2023-4647](CVE-2023/CVE-2023-46xx/CVE-2023-4647.json) (`2023-09-07T20:02:15.837`)
* [CVE-2023-32811](CVE-2023/CVE-2023-328xx/CVE-2023-32811.json) (`2023-09-07T19:13:05.170`) * [CVE-2023-4718](CVE-2023/CVE-2023-47xx/CVE-2023-4718.json) (`2023-09-07T20:12:06.297`)
* [CVE-2023-20826](CVE-2023/CVE-2023-208xx/CVE-2023-20826.json) (`2023-09-07T19:13:15.787`) * [CVE-2023-39979](CVE-2023/CVE-2023-399xx/CVE-2023-39979.json) (`2023-09-07T20:16:28.350`)
* [CVE-2023-20827](CVE-2023/CVE-2023-208xx/CVE-2023-20827.json) (`2023-09-07T19:13:24.850`) * [CVE-2023-41061](CVE-2023/CVE-2023-410xx/CVE-2023-41061.json) (`2023-09-07T20:17:06.860`)
* [CVE-2023-20828](CVE-2023/CVE-2023-208xx/CVE-2023-20828.json) (`2023-09-07T19:13:33.270`) * [CVE-2023-41064](CVE-2023/CVE-2023-410xx/CVE-2023-41064.json) (`2023-09-07T20:17:06.860`)
* [CVE-2023-20835](CVE-2023/CVE-2023-208xx/CVE-2023-20835.json) (`2023-09-07T19:13:46.380`) * [CVE-2023-4528](CVE-2023/CVE-2023-45xx/CVE-2023-4528.json) (`2023-09-07T20:17:06.860`)
* [CVE-2023-20825](CVE-2023/CVE-2023-208xx/CVE-2023-20825.json) (`2023-09-07T19:14:16.880`) * [CVE-2023-4685](CVE-2023/CVE-2023-46xx/CVE-2023-4685.json) (`2023-09-07T20:17:06.860`)
* [CVE-2023-20822](CVE-2023/CVE-2023-208xx/CVE-2023-20822.json) (`2023-09-07T19:14:27.697`) * [CVE-2023-37798](CVE-2023/CVE-2023-377xx/CVE-2023-37798.json) (`2023-09-07T20:17:06.860`)
* [CVE-2023-20821](CVE-2023/CVE-2023-208xx/CVE-2023-20821.json) (`2023-09-07T19:14:35.620`) * [CVE-2023-39980](CVE-2023/CVE-2023-399xx/CVE-2023-39980.json) (`2023-09-07T20:29:10.830`)
* [CVE-2023-20836](CVE-2023/CVE-2023-208xx/CVE-2023-20836.json) (`2023-09-07T19:14:40.490`) * [CVE-2023-39981](CVE-2023/CVE-2023-399xx/CVE-2023-39981.json) (`2023-09-07T20:38:42.433`)
* [CVE-2023-20820](CVE-2023/CVE-2023-208xx/CVE-2023-20820.json) (`2023-09-07T19:14:49.727`)
* [CVE-2023-38283](CVE-2023/CVE-2023-382xx/CVE-2023-38283.json) (`2023-09-07T19:15:12.473`)
* [CVE-2023-4710](CVE-2023/CVE-2023-47xx/CVE-2023-4710.json) (`2023-09-07T19:16:32.170`)
* [CVE-2023-41051](CVE-2023/CVE-2023-410xx/CVE-2023-41051.json) (`2023-09-07T19:19:19.957`)
* [CVE-2023-41046](CVE-2023/CVE-2023-410xx/CVE-2023-41046.json) (`2023-09-07T19:20:17.653`)
* [CVE-2023-4711](CVE-2023/CVE-2023-47xx/CVE-2023-4711.json) (`2023-09-07T19:21:02.327`)
* [CVE-2023-4712](CVE-2023/CVE-2023-47xx/CVE-2023-4712.json) (`2023-09-07T19:21:25.680`)
* [CVE-2023-4713](CVE-2023/CVE-2023-47xx/CVE-2023-4713.json) (`2023-09-07T19:22:48.413`)
* [CVE-2023-4714](CVE-2023/CVE-2023-47xx/CVE-2023-4714.json) (`2023-09-07T19:23:35.707`)
* [CVE-2023-3297](CVE-2023/CVE-2023-32xx/CVE-2023-3297.json) (`2023-09-07T19:24:36.467`)
* [CVE-2023-31167](CVE-2023/CVE-2023-311xx/CVE-2023-31167.json) (`2023-09-07T19:26:11.297`)
* [CVE-2023-4778](CVE-2023/CVE-2023-47xx/CVE-2023-4778.json) (`2023-09-07T19:34:34.170`)
* [CVE-2023-20897](CVE-2023/CVE-2023-208xx/CVE-2023-20897.json) (`2023-09-07T19:40:05.767`)
* [CVE-2023-4709](CVE-2023/CVE-2023-47xx/CVE-2023-4709.json) (`2023-09-07T19:43:43.600`)
* [CVE-2023-23763](CVE-2023/CVE-2023-237xx/CVE-2023-23763.json) (`2023-09-07T19:53:27.870`)
## Download and Usage ## Download and Usage