Auto-Update: 2023-08-10T14:00:32.566155+00:00

cad-safe-bot 2023-08-10 14:00:36 +00:00
parent 4721c52052
commit 1e6be0e034
57 changed files with 1134 additions and 110 deletions


@ -2,8 +2,8 @@
"id": "CVE-2022-27861",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T10:15:09.603",
"lastModified": "2023-08-10T10:15:09.603",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2022-44629",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T10:15:09.873",
"lastModified": "2023-08-10T10:15:09.873",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,19 +2,146 @@
"id": "CVE-2022-47350",
"sourceIdentifier": "security@unisoc.com",
"published": "2023-08-07T02:15:09.770",
"lastModified": "2023-08-07T12:57:26.370",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-10T13:49:45.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Broken Link"
]
}
]
}
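Review bot: The single entry in `references` carries a URL whose `https://www.unisoc.com/en_us/secy/announcementDetail/` prefix is written twice, and the `"Broken Link"` tag added here marks it as non-resolving, so the record ends up with no usable advisory link. The correct target is not shown on this page, so tagging is the right minimal change; tooling that pulls advisories should skip references tagged `Broken Link` rather than fetch them. When consuming the new `configurations` block, note that it is an `AND` of the Android node (`"vulnerable": true`) and the Unisoc hardware node (`"vulnerable": false`). Matching the Android CPEs on their own would flag every Android 11.0–13.0 device regardless of chipset.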


@ -2,8 +2,8 @@
"id": "CVE-2023-23798",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T11:15:10.987",
"lastModified": "2023-08-10T11:15:10.987",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-23826",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T10:15:09.983",
"lastModified": "2023-08-10T10:15:09.983",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-23828",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T13:15:09.733",
"lastModified": "2023-08-10T13:15:09.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Swashata WP Category Post List Widget plugin <=\u00a02.0.3 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-category-posts-list/wordpress-wp-category-post-list-widget-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}
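Review bot: The only CVSS entry in this new record is `"type": "Secondary"` from `audit@patchstack.com`, and there is no `configurations` block, so a consumer that selects only `Primary` metrics or matches on CPE gets neither a score nor an affected range. The affected version exists only in the description text, where `<=\u00a02.0.3` uses a non-breaking space that a pattern written for an ASCII space will not match; normalise U+00A0 before parsing. The other Patchstack records added in this commit (CVE-2023-23900, CVE-2023-24391, CVE-2023-24393, CVE-2023-28779, CVE-2023-30481, CVE-2023-34374, CVE-2023-36530, CVE-2023-37983, CVE-2023-39314) have the same shape.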


@ -2,8 +2,8 @@
"id": "CVE-2023-23871",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T11:15:11.593",
"lastModified": "2023-08-10T11:15:11.593",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-23900",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T12:15:10.113",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in YIKES, Inc. Easy Forms for Mailchimp plugin <=\u00a06.8.8 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/yikes-inc-easy-mailchimp-extender/wordpress-easy-forms-for-mailchimp-plugin-6-8-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-24009",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T11:15:11.913",
"lastModified": "2023-08-10T11:15:11.913",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-24389",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T10:15:10.077",
"lastModified": "2023-08-10T10:15:10.077",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-24391",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T13:15:10.033",
"lastModified": "2023-08-10T13:15:10.033",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Spider Teams ApplyOnline plugin <=\u00a02.5 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/apply-online/wordpress-applyonline-application-form-builder-and-manager-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-24393",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T13:15:10.150",
"lastModified": "2023-08-10T13:15:10.150",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Sk. Abul Hasan Animated Number Counters plugin <=\u00a01.6 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/animated-number-counters/wordpress-animated-number-counters-plugin-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-26309",
"sourceIdentifier": "security@oppo.com",
"published": "2023-08-10T09:15:09.623",
"lastModified": "2023-08-10T09:15:09.623",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-26311",
"sourceIdentifier": "security@oppo.com",
"published": "2023-08-10T11:15:12.140",
"lastModified": "2023-08-10T11:15:12.140",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-28779",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T13:15:10.263",
"lastModified": "2023-08-10T13:15:10.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vladimir Statsenko Terms descriptions plugin <=\u00a03.4.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/terms-descriptions/wordpress-terms-descriptions-plugin-3-4-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-30481",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T12:15:10.563",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alexey Golubnichenko AGP Font Awesome Collection plugin <=\u00a03.2.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/agp-font-awesome-collection/wordpress-agp-font-awesome-collection-plugin-3-2-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30654",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:10.487",
"lastModified": "2023-08-10T02:15:10.487",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30679",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:10.610",
"lastModified": "2023-08-10T02:15:10.610",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30680",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:10.713",
"lastModified": "2023-08-10T02:15:10.713",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30681",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:10.807",
"lastModified": "2023-08-10T02:15:10.807",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30682",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:10.913",
"lastModified": "2023-08-10T02:15:10.913",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30683",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.007",
"lastModified": "2023-08-10T02:15:11.007",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30684",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.097",
"lastModified": "2023-08-10T02:15:11.097",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30685",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.190",
"lastModified": "2023-08-10T02:15:11.190",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30686",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.273",
"lastModified": "2023-08-10T02:15:11.273",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30687",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.367",
"lastModified": "2023-08-10T02:15:11.367",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30688",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.457",
"lastModified": "2023-08-10T02:15:11.457",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30689",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.547",
"lastModified": "2023-08-10T02:15:11.547",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30691",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.630",
"lastModified": "2023-08-10T02:15:11.630",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30693",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.730",
"lastModified": "2023-08-10T02:15:11.730",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30694",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.817",
"lastModified": "2023-08-10T02:15:11.817",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30695",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:11.903",
"lastModified": "2023-08-10T02:15:11.903",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30696",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.000",
"lastModified": "2023-08-10T02:15:12.000",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30697",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.077",
"lastModified": "2023-08-10T02:15:12.077",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30698",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.173",
"lastModified": "2023-08-10T02:15:12.173",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30699",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.267",
"lastModified": "2023-08-10T02:15:12.267",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30700",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.360",
"lastModified": "2023-08-10T02:15:12.360",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30701",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.453",
"lastModified": "2023-08-10T02:15:12.453",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30702",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.547",
"lastModified": "2023-08-10T02:15:12.547",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30703",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.650",
"lastModified": "2023-08-10T02:15:12.650",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30704",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.737",
"lastModified": "2023-08-10T02:15:12.737",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30705",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-08-10T02:15:12.827",
"lastModified": "2023-08-10T02:15:12.827",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-31209",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-08-10T09:15:12.123",
"lastModified": "2023-08-10T09:15:12.123",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-34374",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T12:15:10.973",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Rahul Aryan AnsPress plugin <=\u00a04.3.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/anspress-question-answer/wordpress-anspress-question-and-answer-plugin-4-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-36530",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T12:15:11.347",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smartypants SP Project & Document Manager plugin <=\u00a04.67 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sp-client-document-manager/wordpress-sp-project-document-manager-plugin-4-67-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,24 @@
{
"id": "CVE-2023-37069",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-10T13:15:10.373",
"lastModified": "2023-08-10T13:15:10.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login process, enabling an attacker to inject malicious SQL code."
}
],
"metrics": {},
"references": [
{
"url": "https://code-projects.org/online-hospital-management-system-in-php-with-source-code/",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Mr-Secure-Code/My-CVE/blob/main/CVE-2023-37069-Exploit.md",
"source": "cve@mitre.org"
}
]
}
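Review bot: `"metrics": {}` together with the absence of a `weaknesses` array leaves this record with no score and no CWE, so a pipeline that defaults a missing `baseScore` to 0 would rank a login-form SQL injection below everything else; treat an empty `metrics` object as "unscored", not "low". Both `references` entries are untagged and `vulnStatus` is still `Received`, which suggests the links have not been classified yet. Ingest tooling should record them but not auto-fetch or render their content until tags are assigned.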


@ -0,0 +1,55 @@
{
"id": "CVE-2023-37983",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T13:15:10.443",
"lastModified": "2023-08-10T13:15:10.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in No\u00ebl Jackson Art Direction plugin <=\u00a00.2.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/art-direction/wordpress-art-direction-plugin-0-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-37988",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T11:15:12.427",
"lastModified": "2023-08-10T11:15:12.427",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3766",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-08-03T15:15:32.097",
"lastModified": "2023-08-03T15:37:04.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-10T14:00:07.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "cna@cloudflare.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "cna@cloudflare.com",
"type": "Secondary",
@ -46,14 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudflare:odoh-rs:*:*:*:*:*:rust:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "B3221FFC-89CD-49F9-B571-82AF6E35E693"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/odoh-rs/pull/28",
"source": "cna@cloudflare.com"
"source": "cna@cloudflare.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/cloudflare/odoh-rs/security/advisories/GHSA-gpcv-p28p-fv2p",
"source": "cna@cloudflare.com"
"source": "cna@cloudflare.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-38700",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T19:15:09.697",
"lastModified": "2023-08-06T12:01:17.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-10T13:48:14.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:matrix:matrix-appservice-irc:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "1.0.1",
"matchCriteriaId": "D782170E-C590-428D-ACE7-29E22D4D6235"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/matrix-appservice-irc/commit/8bbd2b69a16cbcbeffdd9b5c973fd89d61498d75",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/matrix-org/matrix-appservice-irc/releases/tag/1.0.1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-c7hh-3v6c-fj4q",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}
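Review bot: In the `weaknesses` hunk the `nvd@nist.gov` entry takes `"type": "Primary"` with `"value": "NVD-CWE-noinfo"`, and the `security-advisories@github.com` entry appears to be demoted to `"type": "Secondary"`, so a consumer that reads only the Primary weakness now gets no usable CWE for this CVE. The CNA's CWE value lies outside the visible hunk lines and cannot be quoted here. Classification logic should fall back to Secondary entries whenever the Primary value is `NVD-CWE-noinfo` or `NVD-CWE-Other`. The `metrics` hunk has the same Primary/Secondary split, so severity lookups should state which source they report.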


@ -0,0 +1,55 @@
{
"id": "CVE-2023-39314",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-10T13:15:10.557",
"lastModified": "2023-08-10T13:15:10.557",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <=\u00a03.30.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/leyka/wordpress-leyka-plugin-3-30-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39344",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T20:15:10.207",
"lastModified": "2023-08-06T12:01:17.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-10T12:47:00.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fobybus:social-media-skeleton:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0A924E-3B60-4C07-981C-A39EC940BEB7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfh",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-4276",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-10T07:15:37.463",
"lastModified": "2023-08-10T07:15:37.463",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Absolute Privacy para WordPress es vulnerable a Cross-Site Request Forgery (CSRF) en versiones hasta la 2.1 inclusive. Esto se debe a la falta de validaci\u00f3n nonce en la funci\u00f3n \"abpr_profileShortcode\". Esto hace posible que los atacantes no autenticados cambien el correo electr\u00f3nico y la contrase\u00f1a del usuario, a trav\u00e9s de una solicitud manipulada concedida, y puedan enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer hacer clic en un enlace. "
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-4277",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-10T07:15:37.797",
"lastModified": "2023-08-10T07:15:37.797",
"vulnStatus": "Received",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Realia para WordPress es vulnerable a Cross-Site Request Forgery (CSRF) en versiones hasta la 1.4.0 inclusive. Esto se debe a la falta de validaci\u00f3n nonce en la funci\u00f3n \"process_change_profile_form\". Esto hace posible que los atacantes no autenticados cambien el correo electr\u00f3nico del usuario, a trav\u00e9s de una solicitud manipulada concedida, y puedan enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {


@ -0,0 +1,67 @@
{
"id": "CVE-2023-4282",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-10T12:15:12.000",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'admin_post_remove' and 'remove_private_data' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with subscriber privileges or above, to delete plugin settings."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.8.2/EmbedPress/ThirdParty/Googlecalendar/Embedpress_Google_Helper.php#L801",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.8.2/EmbedPress/ThirdParty/Googlecalendar/Embedpress_Google_Helper.php#L807",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2950211/embedpress#file18",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5fa2ec9e-2859-4a96-9e33-9e22d37e544f?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -0,0 +1,63 @@
{
"id": "CVE-2023-4283",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-10T12:15:12.440",
"lastModified": "2023-08-10T12:43:50.693",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The EmbedPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'embedpress_calendar' shortcode in versions up to, and including, 3.8.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/embedpress/tags/3.8.2/EmbedPress/ThirdParty/Googlecalendar/Embedpress_Google_Helper.php#L522",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2950211/embedpress#file18",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b340eda1-e9d2-40b6-89f9-41d995ce3555?source=cve",
"source": "security@wordfence.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-10T12:00:29.478765+00:00
2023-08-10T14:00:32.566155+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-10T11:15:12.427000+00:00
2023-08-10T14:00:07.877000+00:00
```
### Last Data Feed Release
@ -29,28 +29,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
222252
222265
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `13`
* [CVE-2022-27861](CVE-2022/CVE-2022-278xx/CVE-2022-27861.json) (`2023-08-10T10:15:09.603`)
* [CVE-2022-44629](CVE-2022/CVE-2022-446xx/CVE-2022-44629.json) (`2023-08-10T10:15:09.873`)
* [CVE-2023-23826](CVE-2023/CVE-2023-238xx/CVE-2023-23826.json) (`2023-08-10T10:15:09.983`)
* [CVE-2023-24389](CVE-2023/CVE-2023-243xx/CVE-2023-24389.json) (`2023-08-10T10:15:10.077`)
* [CVE-2023-23798](CVE-2023/CVE-2023-237xx/CVE-2023-23798.json) (`2023-08-10T11:15:10.987`)
* [CVE-2023-23871](CVE-2023/CVE-2023-238xx/CVE-2023-23871.json) (`2023-08-10T11:15:11.593`)
* [CVE-2023-24009](CVE-2023/CVE-2023-240xx/CVE-2023-24009.json) (`2023-08-10T11:15:11.913`)
* [CVE-2023-26311](CVE-2023/CVE-2023-263xx/CVE-2023-26311.json) (`2023-08-10T11:15:12.140`)
* [CVE-2023-37988](CVE-2023/CVE-2023-379xx/CVE-2023-37988.json) (`2023-08-10T11:15:12.427`)
* [CVE-2023-23900](CVE-2023/CVE-2023-239xx/CVE-2023-23900.json) (`2023-08-10T12:15:10.113`)
* [CVE-2023-30481](CVE-2023/CVE-2023-304xx/CVE-2023-30481.json) (`2023-08-10T12:15:10.563`)
* [CVE-2023-34374](CVE-2023/CVE-2023-343xx/CVE-2023-34374.json) (`2023-08-10T12:15:10.973`)
* [CVE-2023-36530](CVE-2023/CVE-2023-365xx/CVE-2023-36530.json) (`2023-08-10T12:15:11.347`)
* [CVE-2023-4282](CVE-2023/CVE-2023-42xx/CVE-2023-4282.json) (`2023-08-10T12:15:12.000`)
* [CVE-2023-4283](CVE-2023/CVE-2023-42xx/CVE-2023-4283.json) (`2023-08-10T12:15:12.440`)
* [CVE-2023-23828](CVE-2023/CVE-2023-238xx/CVE-2023-23828.json) (`2023-08-10T13:15:09.733`)
* [CVE-2023-24391](CVE-2023/CVE-2023-243xx/CVE-2023-24391.json) (`2023-08-10T13:15:10.033`)
* [CVE-2023-24393](CVE-2023/CVE-2023-243xx/CVE-2023-24393.json) (`2023-08-10T13:15:10.150`)
* [CVE-2023-28779](CVE-2023/CVE-2023-287xx/CVE-2023-28779.json) (`2023-08-10T13:15:10.263`)
* [CVE-2023-37069](CVE-2023/CVE-2023-370xx/CVE-2023-37069.json) (`2023-08-10T13:15:10.373`)
* [CVE-2023-37983](CVE-2023/CVE-2023-379xx/CVE-2023-37983.json) (`2023-08-10T13:15:10.443`)
* [CVE-2023-39314](CVE-2023/CVE-2023-393xx/CVE-2023-39314.json) (`2023-08-10T13:15:10.557`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `43`
* [CVE-2023-30695](CVE-2023/CVE-2023-306xx/CVE-2023-30695.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30696](CVE-2023/CVE-2023-306xx/CVE-2023-30696.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30697](CVE-2023/CVE-2023-306xx/CVE-2023-30697.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30698](CVE-2023/CVE-2023-306xx/CVE-2023-30698.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30699](CVE-2023/CVE-2023-306xx/CVE-2023-30699.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30700](CVE-2023/CVE-2023-307xx/CVE-2023-30700.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30701](CVE-2023/CVE-2023-307xx/CVE-2023-30701.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30702](CVE-2023/CVE-2023-307xx/CVE-2023-30702.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30703](CVE-2023/CVE-2023-307xx/CVE-2023-30703.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30704](CVE-2023/CVE-2023-307xx/CVE-2023-30704.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-30705](CVE-2023/CVE-2023-307xx/CVE-2023-30705.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-4276](CVE-2023/CVE-2023-42xx/CVE-2023-4276.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-4277](CVE-2023/CVE-2023-42xx/CVE-2023-4277.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-26309](CVE-2023/CVE-2023-263xx/CVE-2023-26309.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-31209](CVE-2023/CVE-2023-312xx/CVE-2023-31209.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-23826](CVE-2023/CVE-2023-238xx/CVE-2023-23826.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-24389](CVE-2023/CVE-2023-243xx/CVE-2023-24389.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-23798](CVE-2023/CVE-2023-237xx/CVE-2023-23798.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-23871](CVE-2023/CVE-2023-238xx/CVE-2023-23871.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-24009](CVE-2023/CVE-2023-240xx/CVE-2023-24009.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-26311](CVE-2023/CVE-2023-263xx/CVE-2023-26311.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-37988](CVE-2023/CVE-2023-379xx/CVE-2023-37988.json) (`2023-08-10T12:43:50.693`)
* [CVE-2023-39344](CVE-2023/CVE-2023-393xx/CVE-2023-39344.json) (`2023-08-10T12:47:00.707`)
* [CVE-2023-38700](CVE-2023/CVE-2023-387xx/CVE-2023-38700.json) (`2023-08-10T13:48:14.993`)
* [CVE-2023-3766](CVE-2023/CVE-2023-37xx/CVE-2023-3766.json) (`2023-08-10T14:00:07.877`)
## Download and Usage