diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0583.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0583.json new file mode 100644 index 00000000000..65ba5e4889b --- /dev/null +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0583.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-0583", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-03T02:15:09.050", + "lastModified": "2023-06-03T02:15:09.050", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change plugin settings including default icons." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/vk-blocks/trunk/inc/vk-blocks/App/RestAPI/BlockMeta/class-vk-blocks-entrypoint.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/12a94f5b-bc30-4a65-b397-54488c836ec3?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0584.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0584.json new file mode 100644 index 00000000000..4d73221b473 --- /dev/null +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0584.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-0584", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-06-03T02:15:09.120", + "lastModified": "2023-06-03T02:15:09.120", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and including, 1.57.0.5. This allows authenticated attackers, with contributor-level permissions or above, to change the 'vk_font_awesome_version' option to an arbitrary value." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/vk-blocks/trunk/inc/vk-blocks/font-awesome/class-vk-blocks-font-awesome-api.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b90b7f6c-df7f-48a5-b283-cf5facbd71e5?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-16xx/CVE-2023-1664.json b/CVE-2023/CVE-2023-16xx/CVE-2023-1664.json index a4c5ece16ef..88b7c0ac8e1 100644 --- a/CVE-2023/CVE-2023-16xx/CVE-2023-1664.json +++ b/CVE-2023/CVE-2023-16xx/CVE-2023-1664.json @@ -2,16 +2,49 @@ "id": "CVE-2023-1664", "sourceIdentifier": "secalert@redhat.com", "published": "2023-05-26T18:15:09.740", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:56:45.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A flaw was found in Keycloak. This flaw depends on a non-default configuration \"Revalidate Client Certificate\" to be enabled and the reverse proxy is not validating the certificate before Keycloak. Using this method an attacker may choose the certificate which will be validated by the server. If this happens and the KC_SPI_TRUSTSTORE_FILE_FILE variable is missing/misconfigured, any trustfile may be accepted with the logging information of \"Cannot validate client certificate trust: Truststore not available\". This may not impact availability as the attacker would have no access to the server, but consumer applications Integrity or Confidentiality may be impacted considering a possible access to them. Considering the environment is correctly set to use \"Revalidate Client Certificate\" this flaw is avoidable." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -23,10 +56,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:build_of_quarkus:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE29B9D6-63DC-4779-ACE8-4E51E6A0AF37" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*", + "matchCriteriaId": "A58966CB-36AF-4E64-AB39-BE3A0753E155" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6E0DE4E1-5D8D-40F3-8AC8-C7F736966158" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:migration_toolkit_for_runtimes:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F979A5E3-7FFB-45F1-9847-FFBAF0B12067" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182196&comment#0", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-215xx/CVE-2023-21514.json b/CVE-2023/CVE-2023-215xx/CVE-2023-21514.json index 3cef9057659..41b9695d84d 100644 --- a/CVE-2023/CVE-2023-215xx/CVE-2023-21514.json +++ b/CVE-2023/CVE-2023-215xx/CVE-2023-21514.json @@ -2,8 +2,8 @@ "id": "CVE-2023-21514", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-05-26T22:15:14.377", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:34:16.450", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:galaxy_store:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5.49.8", + "matchCriteriaId": "89518C6A-E895-484C-9BF3-82EB9FE189A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-215xx/CVE-2023-21515.json b/CVE-2023/CVE-2023-215xx/CVE-2023-21515.json index b7661324624..2cf9e016b52 100644 --- a/CVE-2023/CVE-2023-215xx/CVE-2023-21515.json +++ b/CVE-2023/CVE-2023-215xx/CVE-2023-21515.json @@ -2,8 +2,8 @@ "id": "CVE-2023-21515", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-05-26T22:15:14.530", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:42:38.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:galaxy_store:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5.49.8", + "matchCriteriaId": "89518C6A-E895-484C-9BF3-82EB9FE189A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-215xx/CVE-2023-21516.json b/CVE-2023/CVE-2023-215xx/CVE-2023-21516.json index 3b688eab750..f3b4dc15b34 100644 --- a/CVE-2023/CVE-2023-215xx/CVE-2023-21516.json +++ b/CVE-2023/CVE-2023-215xx/CVE-2023-21516.json @@ -2,8 +2,8 @@ "id": "CVE-2023-21516", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-05-26T22:15:14.610", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:50:20.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:galaxy_store:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.5.49.8", + "matchCriteriaId": "89518C6A-E895-484C-9BF3-82EB9FE189A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=01", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-276xx/CVE-2023-27613.json b/CVE-2023/CVE-2023-276xx/CVE-2023-27613.json index 10293cea341..b74b9ca202d 100644 --- a/CVE-2023/CVE-2023-276xx/CVE-2023-27613.json +++ b/CVE-2023/CVE-2023-276xx/CVE-2023-27613.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27613", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-29T15:15:09.493", - "lastModified": "2023-05-30T12:52:56.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:58:19.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:monitorclick:forms_ada:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0", + "matchCriteriaId": "7BA95F42-7208-4004-92FF-B8B0B126E879" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/forms-ada-form-builder/wordpress-forms-ada-plugin-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2923.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2923.json index ccaa4b2fadd..7db05a688e7 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2923.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2923.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2923", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-27T08:15:10.297", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:57:06.737", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,8 +83,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -71,18 +103,58 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tenda:ac6_firmware:us_ac6v1.0br_v15.03.05.19:*:*:*:*:*:*:*", + "matchCriteriaId": "4B28F600-50DE-45AA-A94C-2FB6F87FDB39" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tenda:ac6:-:*:*:*:*:*:*:*", + "matchCriteriaId": "00830EE1-D0BB-462E-9F15-4E59560C14B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GleamingEyes/vul/blob/main/1.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.230077", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.230077", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2925.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2925.json index 8b425f86f8b..ea6b1c218f9 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2925.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2925.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2925", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-27T09:15:09.487", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:59:10.540", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webkul:krayin_crm:1.2.4:*:*:*:*:*:*:*", + "matchCriteriaId": "3C36F7DC-3A55-4F3E-B690-F32EE5779D36" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1t7JwP0Qyo6ye-2dt6XhA1ENHDwsnYjD3/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.230079", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.230079", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32311.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32311.json index b825a1bd40a..b3aebb276d9 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32311.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32311.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32311", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-26T23:15:16.507", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:52:19.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fit2cloud:cloudexplorer:*:*:*:*:lite:*:*:*", + "versionEndExcluding": "1.1.0", + "matchCriteriaId": "4387999F-17B1-40F5-94CB-DC446C21C6DC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-hxjq-g9qv-pwq5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32315.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32315.json index 3d554601610..22f86c20d17 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32315.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32315.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32315", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-26T23:15:16.643", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:57:06.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,10 +76,42 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.10.0", + "versionEndExcluding": "4.6.8", + "matchCriteriaId": "8E41A6C4-1A9E-4FF5-836D-578434F4AF86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.7.0.", + "versionEndExcluding": "4.7.5", + "matchCriteriaId": "976DC4DB-EB01-41EA-8401-56B8D6ED2382" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/igniterealtime/Openfire/security/advisories/GHSA-gw42-f939-fhvm", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Mitigation", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32316.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32316.json index da51278d1b8..60ffced1858 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32316.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32316.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32316", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-26T23:15:16.727", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:07:49.543", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fit2cloud:cloudexplorer:*:*:*:*:lite:*:*:*", + "versionEndExcluding": "1.1.0", + "matchCriteriaId": "4387999F-17B1-40F5-94CB-DC446C21C6DC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-cp3j-437h-4vwj", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32317.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32317.json index 682d6db56fb..3fccee067ea 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32317.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32317.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32317", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-26T23:15:16.950", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:27:00.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:autolabproject:autolab:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.11.0", + "matchCriteriaId": "F025235E-3D41-4053-8167-1D8D94A645FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/autolab/Autolab/commit/410a9228ee265f80692334d75eb2c3b4dac6f9e5", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/autolab/Autolab/security/advisories/GHSA-h8g5-vhm4-wx6g", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32319.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32319.json index d27263ca1ee..f280f110ae5 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32319.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32319.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32319", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-26T23:15:17.493", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T02:58:54.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-307" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "24.0.0", + "versionEndExcluding": "24.0.11", + "matchCriteriaId": "30C446CD-5CE2-4657-9481-B761EED09584" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "25.0.0", + "versionEndExcluding": "25.0.5", + "matchCriteriaId": "F53154D4-4C25-4C0B-8471-D3AE6C793976" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mr7q-xf62-fw54", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/nextcloud/server/pull/37227", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32321.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32321.json index b76d66eb2ad..5d2da74ce83 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32321.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32321.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32321", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-26T23:15:18.010", - "lastModified": "2023-06-02T16:15:09.777", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-06-03T03:57:51.573", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +76,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:okfn:ckan:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.9.0", + "versionEndExcluding": "2.9.9", + "matchCriteriaId": "D043745C-81D8-4200-920E-5A4B0BEAC86B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:okfn:ckan:2.10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5B88933D-4004-4D42-BB4F-8552FA2A7871" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ckan/ckan/blob/2a6080e61d5601fa0e2a0317afd6a8e9b7abf6dd/CHANGELOG.rst", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/ckan/ckan/security/advisories/GHSA-446m-hmmm-hm8m", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json index e79f12d7593..b8308ca5382 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32325", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-27T00:15:09.600", - "lastModified": "2023-05-28T02:28:04.970", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:54:19.633", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:posthog:posthog-js:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.57.2", + "matchCriteriaId": "119806F3-197A-4D09-9FC3-E858514A6075" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/PostHog/posthog-js/commit/67e07eb8bb271a3a6f4aa251382e4d25abb385a0", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/PostHog/posthog-js/security/advisories/GHSA-8775-5hwv-wr6v", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32762.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32762.json index 6a61c078a26..17a280d69b2 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32762.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32762.json @@ -2,27 +2,104 @@ "id": "CVE-2023-32762", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-28T23:15:09.570", - "lastModified": "2023-05-30T12:52:56.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:57:36.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.14", + "matchCriteriaId": "006030F9-35BF-489D-8C3F-14ECF93518C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.2.9", + "matchCriteriaId": "513DDB0D-A132-4046-8B49-D2776E585826" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.3.0", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "116DC3F0-630E-43F6-AD19-0ABB41CF3D70" + } + ] + } + ] + } + ], "references": [ { "url": "https://codereview.qt-project.org/c/qt/qtbase/+/476140", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/qt/qtbase/commit/1b736a815be0222f4b24289cf17575fc15707305", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.qt-project.org/pipermail/announce/2023-May/000414.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32763.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32763.json index e384e1ece7a..4d721f7898b 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32763.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32763.json @@ -2,23 +2,97 @@ "id": "CVE-2023-32763", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-28T23:15:09.620", - "lastModified": "2023-05-30T12:52:56.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-03T03:58:52.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.15.15", + "matchCriteriaId": "19F5F946-5DD7-4F8D-8171-83BB0D9C5048" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.2.9", + "matchCriteriaId": "513DDB0D-A132-4046-8B49-D2776E585826" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.3.0", + "versionEndExcluding": "6.5.1", + "matchCriteriaId": "116DC3F0-630E-43F6-AD19-0ABB41CF3D70" + } + ] + } + ] + } + ], "references": [ { "url": "https://codereview.qt-project.org/c/qt/qtbase/+/476125", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.qt-project.org/pipermail/announce/2023-May/000413.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Patch" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 5d2bfe8b121..82bf2aedbc1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-03T02:00:24.676648+00:00 +2023-06-03T04:00:24.432795+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-03T01:15:36.693000+00:00 +2023-06-03T03:59:10.540000+00:00 ``` ### Last Data Feed Release @@ -29,27 +29,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -216797 +216799 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `2` -* [CVE-2023-2781](CVE-2023/CVE-2023-27xx/CVE-2023-2781.json) (`2023-06-03T00:15:09.353`) -* [CVE-2023-3051](CVE-2023/CVE-2023-30xx/CVE-2023-3051.json) (`2023-06-03T00:15:09.437`) -* [CVE-2023-3052](CVE-2023/CVE-2023-30xx/CVE-2023-3052.json) (`2023-06-03T00:15:09.503`) -* [CVE-2023-3053](CVE-2023/CVE-2023-30xx/CVE-2023-3053.json) (`2023-06-03T00:15:09.570`) -* [CVE-2023-3055](CVE-2023/CVE-2023-30xx/CVE-2023-3055.json) (`2023-06-03T00:15:09.637`) -* [CVE-2023-33143](CVE-2023/CVE-2023-331xx/CVE-2023-33143.json) (`2023-06-03T01:15:36.693`) +* [CVE-2023-0583](CVE-2023/CVE-2023-05xx/CVE-2023-0583.json) (`2023-06-03T02:15:09.050`) +* [CVE-2023-0584](CVE-2023/CVE-2023-05xx/CVE-2023-0584.json) (`2023-06-03T02:15:09.120`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `16` -* [CVE-2023-2999](CVE-2023/CVE-2023-29xx/CVE-2023-2999.json) (`2023-06-03T00:44:02.940`) -* [CVE-2023-2998](CVE-2023/CVE-2023-29xx/CVE-2023-2998.json) (`2023-06-03T00:44:42.607`) +* [CVE-2023-32319](CVE-2023/CVE-2023-323xx/CVE-2023-32319.json) (`2023-06-03T02:58:54.227`) +* [CVE-2023-32316](CVE-2023/CVE-2023-323xx/CVE-2023-32316.json) (`2023-06-03T03:07:49.543`) +* [CVE-2023-32317](CVE-2023/CVE-2023-323xx/CVE-2023-32317.json) (`2023-06-03T03:27:00.970`) +* [CVE-2023-21514](CVE-2023/CVE-2023-215xx/CVE-2023-21514.json) (`2023-06-03T03:34:16.450`) +* [CVE-2023-21515](CVE-2023/CVE-2023-215xx/CVE-2023-21515.json) (`2023-06-03T03:42:38.067`) +* [CVE-2023-21516](CVE-2023/CVE-2023-215xx/CVE-2023-21516.json) (`2023-06-03T03:50:20.003`) +* [CVE-2023-32311](CVE-2023/CVE-2023-323xx/CVE-2023-32311.json) (`2023-06-03T03:52:19.483`) +* [CVE-2023-32325](CVE-2023/CVE-2023-323xx/CVE-2023-32325.json) (`2023-06-03T03:54:19.633`) +* [CVE-2023-1664](CVE-2023/CVE-2023-16xx/CVE-2023-1664.json) (`2023-06-03T03:56:45.087`) +* [CVE-2023-2923](CVE-2023/CVE-2023-29xx/CVE-2023-2923.json) (`2023-06-03T03:57:06.737`) +* [CVE-2023-32315](CVE-2023/CVE-2023-323xx/CVE-2023-32315.json) (`2023-06-03T03:57:06.817`) +* [CVE-2023-32762](CVE-2023/CVE-2023-327xx/CVE-2023-32762.json) (`2023-06-03T03:57:36.630`) +* [CVE-2023-32321](CVE-2023/CVE-2023-323xx/CVE-2023-32321.json) (`2023-06-03T03:57:51.573`) +* [CVE-2023-27613](CVE-2023/CVE-2023-276xx/CVE-2023-27613.json) (`2023-06-03T03:58:19.157`) +* [CVE-2023-32763](CVE-2023/CVE-2023-327xx/CVE-2023-32763.json) (`2023-06-03T03:58:52.207`) +* [CVE-2023-2925](CVE-2023/CVE-2023-29xx/CVE-2023-2925.json) (`2023-06-03T03:59:10.540`) ## Download and Usage