admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-07T18:00:33.903204+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-07 18:00:37 +00:00
parent 140d1ba0dc
commit 1ea352e5d6
48 changed files with 5773 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
CVE-2021/CVE-2021-319xx/CVE-2021-31982.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2021-31982",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-01T00:15:09.683",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:24:45.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability"
},
{
"lang": "es",
"value": "Microsoft Edge (basado en Chromium) contiene una vulnerabilidad en la funci\u00f3n de seguridad que podr\u00eda permitir su omisi\u00f3n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N",
@ -34,10 +58,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91.0.864.37",
"matchCriteriaId": "5030D975-8B99-4781-8840-3C0F084614B9"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31982",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2021/CVE-2021-344xx/CVE-2021-34475.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-34475",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-01T00:15:09.757",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:25:10.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91.0.864.59",
"matchCriteriaId": "E61AD06C-6EC7-4A12-96E9-5367B64ADF34"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34475",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2021/CVE-2021-345xx/CVE-2021-34506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-34506",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-01T00:15:09.823",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:35:05.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "91.0.864.59",
"matchCriteriaId": "E61AD06C-6EC7-4A12-96E9-5367B64ADF34"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34506",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2021/CVE-2021-423xx/CVE-2021-42307.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-42307",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-01T00:15:09.883",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:35:49.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "95.0.1020.30",
"matchCriteriaId": "92F0909B-B754-40A3-A76F-ED95879CF0DF"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-42307",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

10
CVE-2022/CVE-2022-239xx/CVE-2022-23913.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23913",
"sourceIdentifier": "security@apache.org",
"published": "2022-02-04T23:15:15.827",
"lastModified": "2023-06-30T18:53:51.587",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T16:15:09.390",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,7 +65,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@apache.org",
"type": "Primary",
"description": [
{
@ -75,12 +75,12 @@
]
},
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-770"
}
]
}

10
CVE-2022/CVE-2022-283xx/CVE-2022-28331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28331",
"sourceIdentifier": "security@apache.org",
"published": "2023-01-31T16:15:08.977",
"lastModified": "2023-06-28T14:28:29.000",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-07T16:15:09.550",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -36,7 +36,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security@apache.org",
"type": "Primary",
"description": [
{
@ -46,12 +46,12 @@
]
},
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-190"
}
]
}

128
CVE-2023/CVE-2023-201xx/CVE-2023-20120.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20120",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.760",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:02:41.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,100 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager:14.0.0-418:*:*:*:*:*:*:*",
"matchCriteriaId": "91A23056-1521-4982-8F4D-BCDB6F9E98EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager:14.0.1-033:*:*:*:*:*:*:*",
"matchCriteriaId": "D9897B99-0295-4D4D-8EE7-88FB5BC97123"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager:14.0.1-053:*:*:*:*:*:*:*",
"matchCriteriaId": "286B37A2-A7B1-44D9-A2BD-56F9C26195A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager:15.0.0-050:*:*:*:*:*:*:*",
"matchCriteriaId": "3774F588-98E5-4197-B858-FF83B5838265"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_and_web_manager:15.0.0-256:*:*:*:*:*:*:*",
"matchCriteriaId": "99A048C2-7352-4ED5-990F-95467AAB022C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_gateway:14.0.0-418:*:*:*:*:*:*:*",
"matchCriteriaId": "02212FE3-CEE6-4609-B9AE-CD228F4ADFFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_gateway:14.0.1-033:*:*:*:*:*:*:*",
"matchCriteriaId": "B0DB52EF-1542-4665-AC44-F1E3B074B615"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_gateway:14.0.1-053:*:*:*:*:*:*:*",
"matchCriteriaId": "615DD221-9200-41D1-9DAF-CC8BEB67342C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_gateway:15.0.0-050:*:*:*:*:*:*:*",
"matchCriteriaId": "4AEA665F-86B3-4AA6-9E99-6F935264222A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_email_gateway:15.0.0-256:*:*:*:*:*:*:*",
"matchCriteriaId": "988AAD9A-B4FD-42C5-B222-53A4E69CE87E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:web_security_appliance:14.0.0-418:*:*:*:*:*:*:*",
"matchCriteriaId": "5A694B4F-D454-405B-B620-A899543DA2E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:web_security_appliance:14.0.1-033:*:*:*:*:*:*:*",
"matchCriteriaId": "CB812B1F-3E7E-4AD6-9AA3-241B957A0047"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:web_security_appliance:14.0.1-053:*:*:*:*:*:*:*",
"matchCriteriaId": "BDE6AB7B-561D-4D50-907B-605CD0649A98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:web_security_appliance:15.0.0-050:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B523B-95F6-463F-B96B-9C301B6FFA9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:web_security_appliance:15.0.0-256:*:*:*:*:*:*:*",
"matchCriteriaId": "1DFDA027-9BED-4DB5-804D-A192FF8138CF"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-201xx/CVE-2023-20178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20178",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.880",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:47:17.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -46,10 +78,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "4.10.07061",
"matchCriteriaId": "9980A481-8A54-475A-B735-0C339FF30314"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:secure_client:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.0.02075",
"matchCriteriaId": "7A856448-9BF4-4693-A1EA-3B6C06DB4259"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

3337
CVE-2023/CVE-2023-201xx/CVE-2023-20188.json
View File

File diff suppressed because it is too large Load Diff

24
CVE-2023/CVE-2023-252xx/CVE-2023-25201.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-25201",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T16:15:09.680",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery (CSRF) vulnerability in MultiTech Conduit AP MTCAP2-L4E1 MTCAP2-L4E1-868-042A v.6.0.0 allows a remote attacker to execute arbitrary code via a crafted script upload."
}
],
"metrics": {},
"references": [
{
"url": "https://herolab.usd.de/security-advisories/",
"source": "cve@mitre.org"
},
{
"url": "https://www.multitech.com",
"source": "cve@mitre.org"
}
]
}

73
CVE-2023/CVE-2023-260xx/CVE-2023-26085.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-26085",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T17:15:09.707",
"lastModified": "2023-06-29T18:16:42.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:01:51.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A possible out-of-bounds read and write (due to an improper length check of shared memory) was discovered in Arm NN Android-NN-Driver before 23.02."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arm:nn_android_neural_networks_driver:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.02",
"matchCriteriaId": "0FE499C1-5AB6-4217-B438-CBA9548B059A"
}
]
}
]
}
],
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/ARM-software/android-nn-driver/releases/tag/v23.02",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

24
CVE-2023/CVE-2023-278xx/CVE-2023-27845.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-27845",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:09.540",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability found in PrestaShop lekerawen_ocs before v.1.4.1 allow a remote attacker to gain privileges via the KerawenHelper::setCartOperationInfo, and KerawenHelper::resetCheckoutSessionData components."
}
],
"metrics": {},
"references": [
{
"url": "https://kerawen.com/logiciel-de-caisse/",
"source": "cve@mitre.org"
},
{
"url": "https://security.friendsofpresta.org/modules/2023/07/06/kerawen_ocs.html",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-299xx/CVE-2023-29998.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-29998",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T16:15:09.737",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Cross-site scripting (XSS) vulnerability in the content editor in Gis3W g3w-suite 3.5 allows remote authenticated users to inject arbitrary web script or HTML and gain privileges via the description parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/g3w-suite",
"source": "cve@mitre.org"
},
{
"url": "https://labs.yarix.com/2023/07/gis3w-persistent-xss-in-g3wsuite-3-5-cve-2023-29998/",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30946",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-29T19:15:08.837",
"lastModified": "2023-06-29T23:57:54.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:04:55.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_issues:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.497.0",
"matchCriteriaId": "6B99AD70-904F-4ED0-BAE1-F1297B3C91C7"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=4cf0b6e6-564a-467b-83ae-36fec3a491c3",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-309xx/CVE-2023-30955.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30955",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-06-29T19:15:08.913",
"lastModified": "2023-06-29T23:57:54.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:52:53.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:palantir:foundry_workspace-server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.7.0",
"matchCriteriaId": "53361180-BF9C-4576-B127-49632C2A9688"
}
]
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=0c3f6c33-4eb0-48b5-ab87-fe48c46a4170",
"source": "cve-coordination@palantir.com"
"source": "cve-coordination@palantir.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-312xx/CVE-2023-31222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31222",
"sourceIdentifier": "security@medtronic.com",
"published": "2023-06-29T16:15:09.777",
"lastModified": "2023-06-29T18:16:42.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:13:00.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@medtronic.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "security@medtronic.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:medtronic:paceart_optima:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "1.12",
"matchCriteriaId": "A39B5C21-C4A0-4F23-93BF-A0E5AA01DA65"
}
]
}
]
}
],
"references": [
{
"url": "https://global.medtronic.com/xg-en/product-security/security-bulletins/paceart-optima-system.html",
"source": "security@medtronic.com"
"source": "security@medtronic.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-31xx/CVE-2023-3117.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3117",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-30T22:15:10.127",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:11:07.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,61 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4",
"matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38BC6744-7D25-4C02-9966-B224CD071D30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "76061B41-CAE9-4467-BEDE-0FFC7956F2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A717BA5B-D535-46A0-A329-A25FE5CEC588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc4:*:*:*:*:*:*",
"matchCriteriaId": "89CC80C6-F1EE-4AC7-BD21-DB3217BADE87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc5:*:*:*:*:*:*",
"matchCriteriaId": "41EACEA1-FB69-4AF2-BC52-D39489858D42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc6:*:*:*:*:*:*",
"matchCriteriaId": "9E1C36BE-F9D8-40B6-8281-5B8F9B42322D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1240eb93f0616b21c675416516ff3d74798fdc97",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

69
CVE-2023/CVE-2023-326xx/CVE-2023-32607.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-32607",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-30T03:15:09.237",
"lastModified": "2023-06-30T12:59:54.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:28:45.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stored cross-site scripting vulnerability in Pleasanter (Community Edition and Enterprise Edition) 1.3.39.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pleasanter:pleasanter:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.39.2",
"matchCriteriaId": "017BB51F-B65B-4B80-81B0-C36506C82109"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97818024/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://pleasanter.org/archives/vulnerability-update-202306",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-326xx/CVE-2023-32608.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32608",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-30T03:15:09.297",
"lastModified": "2023-06-30T12:59:54.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:29:16.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "La vulnerabilidad de salto de directorios en Pleasanter (Community Edition y Enterprise Edition) v1.3.39.2 y versiones anteriores permite a un atacante remoto autenticado alterar un archivo arbitrario en el servidor. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pleasanter:pleasanter:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.39.2",
"matchCriteriaId": "017BB51F-B65B-4B80-81B0-C36506C82109"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN97818024/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://pleasanter.org/archives/vulnerability-update-202306",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-332xx/CVE-2023-33277.json
View File

@ -2,23 +2,99 @@
"id": "CVE-2023-33277",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T16:15:09.850",
"lastModified": "2023-06-29T18:16:42.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:30:07.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 allows a remote attacker to read sensitive files via directory-traversal sequences in the URL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gira:knx_ip_router_firmware:3.1.3683.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D32F793-EB7B-405B-B256-5AEE5FAC03B8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gira:knx_ip_router_firmware:3.3.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE29350-C70D-4AFB-9727-8946759592C7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gira:knx_ip_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D468470-3694-44BD-944C-77C1D63B64C4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.syss.de/en/responsible-disclosure-policy",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-015.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-333xx/CVE-2023-33336.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-33336",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T02:15:09.000",
"lastModified": "2023-06-30T12:59:58.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:24:05.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Reflected cross site scripting (XSS) vulnerability was discovered in Sophos Web Appliance v4.3.9.1 that allows for arbitrary code to be inputted via the double quotes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sophos:web_appliance:4.3.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DA866A96-2576-44D6-9B30-23A4B5AEA417"
}
]
}
]
}
],
"references": [
{
"url": "https://inf0seq.github.io/cve/2023/04/30/Cross-site-scripting-(XSS)-in-Sophos-Web-Appliance-4.1.1-0.9.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-336xx/CVE-2023-33664.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33664",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T16:15:09.783",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ai-dev aicombinationsonfly before v0.3.1 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php."
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/06/28/aicombinationsonfly.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.boutique.ai-dev.fr/en/ergonomie/61-combinations-on-fly.html",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-337xx/CVE-2023-33715.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-33715",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:09.607",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow in ACDSee Free v2.0.2.227 allows attackers to cause a Denial of Service (DoS) via unspecified vectors."
}
],
"metrics": {},
"references": [
{
"url": "http://acd.com",
"source": "cve@mitre.org"
},
{
"url": "http://acdsee.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/zclrsr/CVE-Reports/blob/main/ACDSee/CVE-2023-33715.md",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-33xx/CVE-2023-3338.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-3338",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-30T22:15:10.270",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:20:32.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0"
}
]
}
]
}
],
"references": [
{
"url": "https://seclists.org/oss-sec/2023/q2/276",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-346xx/CVE-2023-34658.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-34658",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T17:15:09.767",
"lastModified": "2023-06-29T18:16:42.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:11:51.400",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Telegram v9.6.3 on iOS allows attackers to hide critical information on the User Interface via calling the function SFSafariViewController."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:telegram:telegram:9.6.3:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "F2AF0D9A-D251-4A85-BF12-0A15D3D753BE"
}
]
}
]
}
],
"references": [
{
"url": "https://crsrg.sh/crsrg-2308101/",
"source": "cve@mitre.org"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259547",
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-348xx/CVE-2023-34844.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-34844",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T15:15:09.657",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:02:37.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Play With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:play_with_docker_project:play_with_docker:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.0.2",
"matchCriteriaId": "4B4AF55D-5758-42FC-9C0F-1F5724EF053D"
}
]
}
]
}
],
"references": [
{
"url": "https://hacku.top/wl/?id=MACBtnorZyp6hC3E5bw2CqBAusuWoKe3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-34xx/CVE-2023-3447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3447",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-29T05:15:14.177",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:02:02.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:miniorange:active_directory_integration_\\/_ldap_integration:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.1.6",
"matchCriteriaId": "8CE6AEB1-7872-44F9-889E-ECE07E4D3E93"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2928150%40ldap-login-for-intranet-sites&new=2928150%40ldap-login-for-intranet-sites&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cd7553e8-e43d-4740-b2ee-e3d8dc351e53?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

14
CVE-2023/CVE-2023-359xx/CVE-2023-35987.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35987",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-06T23:15:09.550",
"lastModified": "2023-07-07T12:50:22.490",
"lastModified": "2023-07-07T17:15:09.677",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
"impactScore": 5.9
}
]
},

84
CVE-2023/CVE-2023-35xx/CVE-2023-3541.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3541",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T16:15:09.870",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /author_posts.php. The manipulation of the argument author with the input g6g12<script>alert(1)</script>o8sdm leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233293 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233293",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233293",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-35xx/CVE-2023-3542.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3542",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T16:15:09.947",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in ThinuTech ThinuCMS 1.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /contact.php. The manipulation of the argument name/body leads to cross site scripting. The attack may be launched remotely. VDB-233294 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233294",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233294",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-35xx/CVE-2023-3543.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3543",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T17:15:10.400",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in GZ Scripts Availability Booking Calendar PHP 1.8. It has been classified as problematic. This affects an unknown part of the file load.php of the component HTTP POST Request Handler. The manipulation of the argument cid/first_name/second_name/address_1/country leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-233295. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233295",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233295",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-35xx/CVE-2023-3544.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3544",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-07T17:15:10.577",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in GZ Scripts Time Slot Booking Calendar PHP 1.8. It has been declared as problematic. This vulnerability affects unknown code of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack can be initiated remotely. The identifier of this vulnerability is VDB-233296. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.233296",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.233296",
"source": "cna@vuldb.com"
}
]
}

81
CVE-2023/CVE-2023-361xx/CVE-2023-36143.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-36143",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T01:15:08.767",
"lastModified": "2023-06-30T12:59:58.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:20:03.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the \"Diagnostic tool\" functionality of the device."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:maxprintisp:maxlink_1200g_firmware:3.4.11e:*:*:*:*:*:*:*",
"matchCriteriaId": "CE5140AC-5E19-4E9B-B2F3-915E9E9FE0EE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:maxprintisp:maxlink_1200g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80F15C78-7B4D-4C59-9119-0FA675AE2434"
}
]
}
]
}
],
"references": [
{
"url": "http://maxlink.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/leonardobg/CVE-2023-36143",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-362xx/CVE-2023-36201.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36201",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T16:15:09.827",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/5026",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-364xx/CVE-2023-36467.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36467",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-28T14:15:09.967",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:18:53.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amazon:aws-dataall:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.2.0",
"versionEndIncluding": "1.5.1",
"matchCriteriaId": "0529A7FE-376D-4C9A-BFEF-739038CAEA30"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/awslabs/aws-dataall/pull/472",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/awslabs/aws-dataall/releases/tag/v1.5.2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/awslabs/aws-dataall/releases/tag/v1.5.4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/awslabs/aws-dataall/security/advisories/GHSA-m922-chh7-8qcr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-364xx/CVE-2023-36476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36476",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-29T01:15:51.267",
"lastModified": "2023-06-29T15:35:43.220",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:51:22.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nixos:calamares-nixos-extensions:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.3.13",
"matchCriteriaId": "9F137430-7CE8-4856-AF49-A86837F31011"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/NixOS/calamares-nixos-extensions/security/advisories/GHSA-3rvf-24q2-24ww",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
},
{
"url": "https://github.com/osresearch/heads/issues/1348",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/vlinkz/calamares-nixos-extensions/commit/837ca4da5521a74d3b5ca6f7b88890a6713faa22",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
}
]
}

95
CVE-2023/CVE-2023-364xx/CVE-2023-36484.json
View File

@ -2,23 +2,108 @@
"id": "CVE-2023-36484",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T19:15:09.053",
"lastModified": "2023-06-29T23:57:54.363",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T16:46:54.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ILIAS 7.21 and 8.0_beta1 through 8.2 is vulnerable to reflected Cross-Site Scripting (XSS)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndIncluding": "8.2",
"matchCriteriaId": "EBFD576F-DBBA-41F3-8788-1505D0220269"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:7.21:*:*:*:*:*:*:*",
"matchCriteriaId": "08F7F691-69A8-4F5D-85AA-52C7632ABBA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:8.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "2294ECEB-713A-40DB-8898-9ECF27463917"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:8.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "7FEA3D5A-A0AC-4490-BF0F-26F9E9FA6ECF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:8.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "E3966CC6-EA0D-4C7D-8586-1C2833951D6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:8.0:beta4:*:*:*:*:*:*",
"matchCriteriaId": "038E3D09-BFA5-4AD7-AE51-366ABD839892"
}
]
}
]
}
],
"references": [
{
"url": "https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141710&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141711&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

75
CVE-2023/CVE-2023-364xx/CVE-2023-36488.json
View File

@ -2,23 +2,88 @@
"id": "CVE-2023-36488",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-29T17:15:09.857",
"lastModified": "2023-06-29T19:15:09.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:17:29.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ILIAS 7.21 and 8.0_beta1 through 8.2 is vulnerable to stored Cross Site Scripting (XSS)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndIncluding": "8.2",
"matchCriteriaId": "EBFD576F-DBBA-41F3-8788-1505D0220269"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ilias:ilias:7.21:*:*:*:*:*:*:*",
"matchCriteriaId": "08F7F691-69A8-4F5D-85AA-52C7632ABBA9"
}
]
}
]
}
],
"references": [
{
"url": "https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141704&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://docu.ilias.de/ilias.php?ref_id=1719&obj_id=141710&obj_type=PageObject&cmd=layout&cmdClass=illmpresentationgui&cmdNode=13g&baseClass=ilLMPresentationGUI",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37061.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37061",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:09.827",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with an admin privilege account to insert XSS in the languages management section."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/75e9b3e0acac6f7a643da6ff19a00d55a94417a1",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-116-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-languages-management",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37062.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37062",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:09.883",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the course categories' definition."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/c263933d1d958edee3999820f636c8cb919d03d1",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-115-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-course-category",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37063.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37063",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:09.943",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the careers & promotions management section."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/546a18b0bd1446123f4e29f81f42e71b761f51b7",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-117-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-careers-amp-promotions-management",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37064.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37064",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:10.020",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the extra fields management section."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/91ecc6141de6de9483c5a31fbb9fa91450f24940",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-119-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-extra-fields-management",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37065.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37065",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:10.097",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/da61f287d2e508a5e940953b474051d0f21e91c0",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-118-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-session-category-management",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37066.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37066",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:10.167",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the skills wheel."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/4f7b5ebf90c35999917c231276e47a4184275690",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-114-2023-06-06-Low-impact-Low-risk-XSS-through-admin-account-skills",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-370xx/CVE-2023-37067.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37067",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-07T17:15:10.223",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the classes/usergroups management section."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/chamilo/chamilo-lms/commit/c75ff227bcf00e9f88e9477b78eaeed9e0668905",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-120-2023-06-07-Low-impact-Low-risk-XSS-through-admin-account-classesusergroups-management",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-372xx/CVE-2023-37264.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-37264",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-07T17:15:10.280",
"lastModified": "2023-07-07T17:36:20.173",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 0.35.0, pipelines do not validate child UIDs, which means that a user that has access to create TaskRuns can create their own Tasks that the Pipelines controller will accept as the child Task. While the software stores and validates the PipelineRun's (api version, kind, name, uid) in the child Run's OwnerReference, it only store (api version, kind, name) in the ChildStatusReference. This means that if a client had access to create TaskRuns on a cluster, they could create a child TaskRun for a pipeline with the same name + owner reference, and the Pipeline controller picks it up as if it was the original TaskRun. This is problematic since it can let users modify the config of Pipelines at runtime, which violates SLSA L2 Service Generated / Non-falsifiable requirements. This issue can be used to trick the Pipeline controller into associating unrelated Runs to the Pipeline, feeding its data through the rest of the Pipeline. This requires access to create TaskRuns, so impact may vary depending on one Tekton setup. If users already have unrestricted access to create any Task/PipelineRun, this does not grant any additional capabilities. As of time of publication, there are no known patches for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
}
],
"references": [
{
"url": "https://github.com/tektoncd/pipeline/blob/2d38f5fa840291395178422d34b36b1bc739e2a2/pkg/reconciler/pipelinerun/pipelinerun.go#L1358-L1372",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/tektoncd/pipeline/security/advisories/GHSA-w2h3-vvvq-3m53",
"source": "security-advisories@github.com"
},
{
"url": "https://pkg.go.dev/github.com/tektoncd/pipeline/pkg/apis/pipeline/v1beta1#ChildStatusReference",
"source": "security-advisories@github.com"
}
]
}

65
CVE-2023/CVE-2023-373xx/CVE-2023-37365.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-37365",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T19:15:09.437",
"lastModified": "2023-07-03T01:10:10.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-07T17:51:51.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hnswlib_project:hnswlib:0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "41504741-4100-4101-A106-48E425566C99"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nmslib/hnswlib/issues/467",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

87
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-07T16:00:26.958077+00:00
2023-07-07T18:00:33.903204+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-07T15:49:08.983000+00:00
2023-07-07T17:55:35.560000+00:00
```
### Last Data Feed Release
@ -29,53 +29,62 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
219454
219472
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `18`
* [CVE-2023-37144](CVE-2023/CVE-2023-371xx/CVE-2023-37144.json) (`2023-07-07T14:15:09.363`)
* [CVE-2023-37145](CVE-2023/CVE-2023-371xx/CVE-2023-37145.json) (`2023-07-07T14:15:09.433`)
* [CVE-2023-37146](CVE-2023/CVE-2023-371xx/CVE-2023-37146.json) (`2023-07-07T14:15:09.500`)
* [CVE-2023-37148](CVE-2023/CVE-2023-371xx/CVE-2023-37148.json) (`2023-07-07T14:15:09.570`)
* [CVE-2023-37149](CVE-2023/CVE-2023-371xx/CVE-2023-37149.json) (`2023-07-07T14:15:09.617`)
* [CVE-2023-3537](CVE-2023/CVE-2023-35xx/CVE-2023-3537.json) (`2023-07-07T14:15:09.757`)
* [CVE-2023-3538](CVE-2023/CVE-2023-35xx/CVE-2023-3538.json) (`2023-07-07T14:15:09.850`)
* [CVE-2023-3539](CVE-2023/CVE-2023-35xx/CVE-2023-3539.json) (`2023-07-07T15:15:10.230`)
* [CVE-2023-3540](CVE-2023/CVE-2023-35xx/CVE-2023-3540.json) (`2023-07-07T15:15:10.317`)
* [CVE-2023-25201](CVE-2023/CVE-2023-252xx/CVE-2023-25201.json) (`2023-07-07T16:15:09.680`)
* [CVE-2023-29998](CVE-2023/CVE-2023-299xx/CVE-2023-29998.json) (`2023-07-07T16:15:09.737`)
* [CVE-2023-33664](CVE-2023/CVE-2023-336xx/CVE-2023-33664.json) (`2023-07-07T16:15:09.783`)
* [CVE-2023-36201](CVE-2023/CVE-2023-362xx/CVE-2023-36201.json) (`2023-07-07T16:15:09.827`)
* [CVE-2023-3541](CVE-2023/CVE-2023-35xx/CVE-2023-3541.json) (`2023-07-07T16:15:09.870`)
* [CVE-2023-3542](CVE-2023/CVE-2023-35xx/CVE-2023-3542.json) (`2023-07-07T16:15:09.947`)
* [CVE-2023-27845](CVE-2023/CVE-2023-278xx/CVE-2023-27845.json) (`2023-07-07T17:15:09.540`)
* [CVE-2023-33715](CVE-2023/CVE-2023-337xx/CVE-2023-33715.json) (`2023-07-07T17:15:09.607`)
* [CVE-2023-37061](CVE-2023/CVE-2023-370xx/CVE-2023-37061.json) (`2023-07-07T17:15:09.827`)
* [CVE-2023-37062](CVE-2023/CVE-2023-370xx/CVE-2023-37062.json) (`2023-07-07T17:15:09.883`)
* [CVE-2023-37063](CVE-2023/CVE-2023-370xx/CVE-2023-37063.json) (`2023-07-07T17:15:09.943`)
* [CVE-2023-37064](CVE-2023/CVE-2023-370xx/CVE-2023-37064.json) (`2023-07-07T17:15:10.020`)
* [CVE-2023-37065](CVE-2023/CVE-2023-370xx/CVE-2023-37065.json) (`2023-07-07T17:15:10.097`)
* [CVE-2023-37066](CVE-2023/CVE-2023-370xx/CVE-2023-37066.json) (`2023-07-07T17:15:10.167`)
* [CVE-2023-37067](CVE-2023/CVE-2023-370xx/CVE-2023-37067.json) (`2023-07-07T17:15:10.223`)
* [CVE-2023-37264](CVE-2023/CVE-2023-372xx/CVE-2023-37264.json) (`2023-07-07T17:15:10.280`)
* [CVE-2023-3543](CVE-2023/CVE-2023-35xx/CVE-2023-3543.json) (`2023-07-07T17:15:10.400`)
* [CVE-2023-3544](CVE-2023/CVE-2023-35xx/CVE-2023-3544.json) (`2023-07-07T17:15:10.577`)
### CVEs modified in the last Commit
Recently modified CVEs: `31`
Recently modified CVEs: `29`
* [CVE-2023-35866](CVE-2023/CVE-2023-358xx/CVE-2023-35866.json) (`2023-07-07T14:01:33.287`)
* [CVE-2023-28929](CVE-2023/CVE-2023-289xx/CVE-2023-28929.json) (`2023-07-07T14:12:11.360`)
* [CVE-2023-25366](CVE-2023/CVE-2023-253xx/CVE-2023-25366.json) (`2023-07-07T14:14:53.760`)
* [CVE-2023-3243](CVE-2023/CVE-2023-32xx/CVE-2023-3243.json) (`2023-07-07T14:15:09.673`)
* [CVE-2023-26427](CVE-2023/CVE-2023-264xx/CVE-2023-26427.json) (`2023-07-07T14:31:30.563`)
* [CVE-2023-34840](CVE-2023/CVE-2023-348xx/CVE-2023-34840.json) (`2023-07-07T14:37:15.100`)
* [CVE-2023-34197](CVE-2023/CVE-2023-341xx/CVE-2023-34197.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-37308](CVE-2023/CVE-2023-373xx/CVE-2023-37308.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-3535](CVE-2023/CVE-2023-35xx/CVE-2023-3535.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-3536](CVE-2023/CVE-2023-35xx/CVE-2023-3536.json) (`2023-07-07T14:54:15.817`)
* [CVE-2023-36474](CVE-2023/CVE-2023-364xx/CVE-2023-36474.json) (`2023-07-07T14:54:51.293`)
* [CVE-2023-32610](CVE-2023/CVE-2023-326xx/CVE-2023-32610.json) (`2023-07-07T14:55:04.910`)
* [CVE-2023-30501](CVE-2023/CVE-2023-305xx/CVE-2023-30501.json) (`2023-07-07T15:15:09.303`)
* [CVE-2023-30502](CVE-2023/CVE-2023-305xx/CVE-2023-30502.json) (`2023-07-07T15:15:09.440`)
* [CVE-2023-30503](CVE-2023/CVE-2023-305xx/CVE-2023-30503.json) (`2023-07-07T15:15:09.537`)
* [CVE-2023-30504](CVE-2023/CVE-2023-305xx/CVE-2023-30504.json) (`2023-07-07T15:15:09.620`)
* [CVE-2023-30505](CVE-2023/CVE-2023-305xx/CVE-2023-30505.json) (`2023-07-07T15:15:09.693`)
* [CVE-2023-30506](CVE-2023/CVE-2023-305xx/CVE-2023-30506.json) (`2023-07-07T15:15:09.777`)
* [CVE-2023-30507](CVE-2023/CVE-2023-305xx/CVE-2023-30507.json) (`2023-07-07T15:15:09.863`)
* [CVE-2023-30508](CVE-2023/CVE-2023-305xx/CVE-2023-30508.json) (`2023-07-07T15:15:09.943`)
* [CVE-2023-30509](CVE-2023/CVE-2023-305xx/CVE-2023-30509.json) (`2023-07-07T15:15:10.013`)
* [CVE-2023-30510](CVE-2023/CVE-2023-305xx/CVE-2023-30510.json) (`2023-07-07T15:15:10.090`)
* [CVE-2023-37378](CVE-2023/CVE-2023-373xx/CVE-2023-37378.json) (`2023-07-07T15:15:10.173`)
* [CVE-2023-35042](CVE-2023/CVE-2023-350xx/CVE-2023-35042.json) (`2023-07-07T15:28:32.747`)
* [CVE-2023-35163](CVE-2023/CVE-2023-351xx/CVE-2023-35163.json) (`2023-07-07T15:49:08.983`)
* [CVE-2022-23913](CVE-2022/CVE-2022-239xx/CVE-2022-23913.json) (`2023-07-07T16:15:09.390`)
* [CVE-2022-28331](CVE-2022/CVE-2022-283xx/CVE-2022-28331.json) (`2023-07-07T16:15:09.550`)
* [CVE-2023-3447](CVE-2023/CVE-2023-34xx/CVE-2023-3447.json) (`2023-07-07T16:02:02.250`)
* [CVE-2023-34844](CVE-2023/CVE-2023-348xx/CVE-2023-34844.json) (`2023-07-07T16:02:37.313`)
* [CVE-2023-20120](CVE-2023/CVE-2023-201xx/CVE-2023-20120.json) (`2023-07-07T16:02:41.643`)
* [CVE-2023-31222](CVE-2023/CVE-2023-312xx/CVE-2023-31222.json) (`2023-07-07T16:13:00.783`)
* [CVE-2023-36143](CVE-2023/CVE-2023-361xx/CVE-2023-36143.json) (`2023-07-07T16:20:03.587`)
* [CVE-2023-33336](CVE-2023/CVE-2023-333xx/CVE-2023-33336.json) (`2023-07-07T16:24:05.020`)
* [CVE-2023-32607](CVE-2023/CVE-2023-326xx/CVE-2023-32607.json) (`2023-07-07T16:28:45.697`)
* [CVE-2023-32608](CVE-2023/CVE-2023-326xx/CVE-2023-32608.json) (`2023-07-07T16:29:16.543`)
* [CVE-2023-33277](CVE-2023/CVE-2023-332xx/CVE-2023-33277.json) (`2023-07-07T16:30:07.667`)
* [CVE-2023-36484](CVE-2023/CVE-2023-364xx/CVE-2023-36484.json) (`2023-07-07T16:46:54.217`)
* [CVE-2023-30955](CVE-2023/CVE-2023-309xx/CVE-2023-30955.json) (`2023-07-07T16:52:53.380`)
* [CVE-2023-26085](CVE-2023/CVE-2023-260xx/CVE-2023-26085.json) (`2023-07-07T17:01:51.867`)
* [CVE-2023-30946](CVE-2023/CVE-2023-309xx/CVE-2023-30946.json) (`2023-07-07T17:04:55.903`)
* [CVE-2023-3117](CVE-2023/CVE-2023-31xx/CVE-2023-3117.json) (`2023-07-07T17:11:07.733`)
* [CVE-2023-34658](CVE-2023/CVE-2023-346xx/CVE-2023-34658.json) (`2023-07-07T17:11:51.400`)
* [CVE-2023-35987](CVE-2023/CVE-2023-359xx/CVE-2023-35987.json) (`2023-07-07T17:15:09.677`)
* [CVE-2023-36488](CVE-2023/CVE-2023-364xx/CVE-2023-36488.json) (`2023-07-07T17:17:29.997`)
* [CVE-2023-36467](CVE-2023/CVE-2023-364xx/CVE-2023-36467.json) (`2023-07-07T17:18:53.227`)
* [CVE-2023-3338](CVE-2023/CVE-2023-33xx/CVE-2023-3338.json) (`2023-07-07T17:20:32.650`)
* [CVE-2023-20178](CVE-2023/CVE-2023-201xx/CVE-2023-20178.json) (`2023-07-07T17:47:17.953`)
* [CVE-2023-36476](CVE-2023/CVE-2023-364xx/CVE-2023-36476.json) (`2023-07-07T17:51:22.317`)
* [CVE-2023-37365](CVE-2023/CVE-2023-373xx/CVE-2023-37365.json) (`2023-07-07T17:51:51.580`)
* [CVE-2023-20188](CVE-2023/CVE-2023-201xx/CVE-2023-20188.json) (`2023-07-07T17:55:35.560`)
## Download and Usage