admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-04T16:00:25.332114+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-04 18:00:28 +02:00
parent ab34f671b2
commit 21be97097b
29 changed files with 2777 additions and 142 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
CVE-2022/CVE-2022-296xx/CVE-2022-29604.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2022-29604",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-20T13:15:07.307",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:38:23.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-178"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD1D050-BBF8-45B6-9B4E-93FC5D062414"
}
]
}
]
}
],
"references": [
{
"url": "https://wiki.onosproject.org/display/ONOS/Intent+Framework",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

70
CVE-2022/CVE-2022-296xx/CVE-2022-29605.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2022-29605",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-20T13:15:07.377",
"lastModified": "2023-04-20T13:15:13.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:35:35.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in ONOS 2.5.1. IntentManager attempts to install the IPv6 flow rules of an intent into an OpenFlow 1.0 switch that does not support IPv6. Improper handling of the difference in capabilities of the intent and switch is misleading to a network operator."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-670"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:opennetworking:onos:2.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD1D050-BBF8-45B6-9B4E-93FC5D062414"
}
]
}
]
}
],
"references": [
{
"url": "https://wiki.onosproject.org/display/ONOS/Intent+Framework",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Technical Description",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-16xx/CVE-2023-1624.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1624",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-04-24T19:15:09.693",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:30:50.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The WPCode WordPress plugin before 2.0.9 has a flawed CSRF when deleting log, and does not ensure that the file to be deleted is inside the expected folder. This could allow attackers to make users with the wpcode_activate_snippets capability delete arbitrary log files on the server, including outside of the blog folders"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpcode:wpcode:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.9",
"matchCriteriaId": "8695F540-99C6-4023-A002-7DA916F16E53"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/132b70e5-4368-43b4-81f6-2d01bc09dc8f",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

105
CVE-2023/CVE-2023-20xx/CVE-2023-2006.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2006",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-24T21:15:09.283",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:42:56.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,18 +56,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1",
"matchCriteriaId": "9064B383-DD48-40A2-8947-F5BA6E6B6713"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*",
"matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*",
"matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*",
"matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*",
"matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*",
"matchCriteriaId": "3FFFB0B3-930D-408A-91E2-BAE0C2715D80"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189112",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/3bcd6c7eaa53",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-439/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

90
CVE-2023/CVE-2023-20xx/CVE-2023-2019.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2019",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-24T21:15:09.347",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:42:28.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux kernel's netdevsim device driver, within the scheduling of events. This issue results from the improper management of a reference count. This may allow an attacker to create a denial of service condition on the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,18 +56,63 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0",
"matchCriteriaId": "87B81C9D-7173-4FFB-97BC-9C41AB20A53C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189137",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/180a6a3ee60a",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-17811/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

360
CVE-2023/CVE-2023-229xx/CVE-2023-22914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22914",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-04-24T17:15:09.627",
"lastModified": "2023-04-24T17:43:16.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:32:03.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
@ -46,10 +76,334 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "FFE84F5F-0D2D-4B13-8B11-061D6AF36E0D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "E0248888-B2CD-4CAA-8475-B9CD68CDA4C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "BB46C274-12D1-4155-AB7B-6FE9282FD307"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "513FCF86-307E-4230-9A59-653BE2450525"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "FE6D206F-B365-408A-9200-656B9C6A4AEE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3C7F5651-F9E1-4F7C-84BD-AF06ADDCBF82"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3473C5D7-91AC-4FCA-851D-D6583B42F768"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3E3AC1DD-9BD8-42AD-A443-BCCBA6A4F27B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "06C109E1-5D08-41E7-BDB2-8D53CA87FCA8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "16394FD3-8C28-4AD8-AE57-4C61D5E69D3E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "FD0F0319-5402-4E2D-8E79-8C492422438D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps",
"source": "security@zyxel.com.tw"
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
]
}
]
}

389
CVE-2023/CVE-2023-229xx/CVE-2023-22915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22915",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-04-24T17:15:09.690",
"lastModified": "2023-04-24T17:43:16.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:44:10.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
@ -46,10 +76,363 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "FFE84F5F-0D2D-4B13-8B11-061D6AF36E0D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "E0248888-B2CD-4CAA-8475-B9CD68CDA4C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "BB46C274-12D1-4155-AB7B-6FE9282FD307"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "513FCF86-307E-4230-9A59-653BE2450525"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.30",
"versionEndIncluding": "5.35",
"matchCriteriaId": "44C99310-56C3-4392-8D68-8290A209B2DA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3C7F5651-F9E1-4F7C-84BD-AF06ADDCBF82"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3473C5D7-91AC-4FCA-851D-D6583B42F768"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3E3AC1DD-9BD8-42AD-A443-BCCBA6A4F27B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81D90A7B-174F-40A1-8AF4-08B15B7BAC40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "06C109E1-5D08-41E7-BDB2-8D53CA87FCA8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EECD311A-4E96-4576-AADF-47291EDE3559"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "16394FD3-8C28-4AD8-AE57-4C61D5E69D3E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3C45C303-1A95-4245-B242-3AB9B9106CD4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.50",
"versionEndIncluding": "5.35",
"matchCriteriaId": "FD0F0319-5402-4E2D-8E79-8C492422438D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E3AC823-0ECA-42D8-8312-2FBE5914E4C0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.30",
"versionEndIncluding": "5.35",
"matchCriteriaId": "3C160661-113D-4B5A-A253-FEB1E4CBB267"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-of-firewalls-and-aps",
"source": "security@zyxel.com.tw"
"source": "security@zyxel.com.tw",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-22xx/CVE-2023-2250.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2250",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-24T21:15:09.410",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:41:52.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Open Cluster Management (OCM) when a user have access to the worker nodes which has the cluster-manager-registration-controller or cluster-manager deployments. A malicious user can take advantage of this and bind the cluster-admin to any service account or using the service account to list all secrets for all kubernetes namespaces, leading into a cluster-level privilege escalation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -27,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:open_cluster_management:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0834F4B0-F5C7-43E7-9A7E-74B7FA455A6F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/open-cluster-management-io/registration-operator/pull/344",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

81
CVE-2023/CVE-2023-22xx/CVE-2023-2257.json
View File

@ -2,19 +2,92 @@
"id": "CVE-2023-2257",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-04-24T19:15:09.820",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:55:03.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Authentication Bypass in Hub Business integration in Devolutions Workspace Desktop 2023.1.1.3 and earlier on Windows and macOS allows an attacker with access to the user interface to unlock a Hub \nBusiness space without being prompted to enter the password via an \nunimplemented \"Force Login\" security feature.\n\nThis vulnerability occurs only if \"Force Login\" feature is enabled on the Hub Business instance and that an attacker has access to a locked Workspace desktop application configured with a Hub Business space.\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:workspace:*:*:*:*:desktop:*:*:*",
"versionEndExcluding": "2023.1.1.4",
"matchCriteriaId": "4C4BA203-752A-421F-9A01-4127E6E3DDE7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2023-0011",
"source": "security@devolutions.net"
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-22xx/CVE-2023-2282.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2282",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-04-25T19:15:11.100",
"lastModified": "2023-05-04T15:16:53.583",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in the Web Login listener in Devolutions Remote Desktop Manager 2023.1.22 and earlier on Windows allows an authenticated user to bypass administrator-enforced Web Login restrictions and gain access to entries via an unexpected vector.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:remote_desktop_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023.1.22",
"matchCriteriaId": "7D029076-CEDD-4678-9B60-390670047C15"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2023-0012",
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
}
]
}

320
CVE-2023/CVE-2023-234xx/CVE-2023-23451.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-23451",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-04-19T23:15:06.970",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:24:37.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1 FLEXI ETHERNET GATEW., SICK UE410-EN3S04 FLEXI ETHERNET GATEW., SICK UE410-EN4 FLEXI ETHERNET GATEW., SICK FX0-GENT00000 FLEXISOFT EIP GATEW., SICK FX0-GMOD00000 FLEXISOFT MOD GATEW., SICK FX0-GPNT00000 FLEXISOFT PNET GATEW., SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 and SICK FX0-GMOD00010 FLEXISOFT MOD GW. have Telnet enabled by factory default. No password is set in the default configuration. Gateways with a serial number >2311xxxx have the Telnet interface disabled by factory default."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "psirt@sick.de",
"type": "Secondary",
@ -23,10 +56,289 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en3_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA9F3C9-61F5-4C21-9650-76C0FC9C51EE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4F4C5D33-6A97-4509-8151-65D79F03F18A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF96D6FC-3053-433E-8B7D-CEA3C7FC7CBA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A963DB6B-C9A9-4B1D-A239-C7B608F2CBD1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en3s04_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB62B37C-E8E4-4305-8F6A-127765CC54AD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en3s04:-:*:*:*:*:*:*:*",
"matchCriteriaId": "06416A50-B978-4F67-AA50-010ECBD2DB2F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:ue410-en4_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "30951A8A-8B78-4F58-8E8B-5697F89B332A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:ue410-en4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "593FA8EA-007A-47C0-9F22-89E420BBE0D4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gent00000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.11.0",
"matchCriteriaId": "87586615-29B4-46E4-9CE7-F7BB8F012155"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gent00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB590A4-F5E4-4A17-B5A6-33A995C96BAB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gmod00000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.11.0",
"matchCriteriaId": "042B4FDB-BC05-43D6-84FC-F65203CDBE0D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gmod00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D96296E7-65D3-4C0A-8126-4AA8BEF85B39"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gpnt00000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.12.0",
"matchCriteriaId": "61F9ADB1-DBED-4AC6-9CED-C0CCAC7C31F7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gpnt00000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF3BF752-4F49-4E90-9790-1913ED64D8B3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gent00030_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F133BB19-8D61-4BD7-B706-A3FD81E71ECD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gent00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1809BCF9-541E-4348-87A3-4CB37D680704"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gpnt00030_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96A20EA8-57F4-4CDD-8F44-F02E2FC010AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gpnt00030:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CABEFF4-C0A4-4054-8174-7B3762BC0C3F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:sick:fx0-gmod00010_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.11.0",
"matchCriteriaId": "D09286BA-A20C-44DA-BE0C-98EF4851BA73"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:sick:fx0-gmod00010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97742720-A8E3-49FE-BE43-EFF720F3D52D"
}
]
}
]
}
],
"references": [
{
"url": "https://sick.com/psirt",
"source": "psirt@sick.de"
"source": "psirt@sick.de",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-234xx/CVE-2023-23470.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-23470",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-04T14:15:08.847",
"lastModified": "2023-05-04T14:15:08.847",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM i 7.2, 7.3, 7.4, and 7.5 could allow an authenticated privileged administrator to gain elevated privileges in non-default configurations, as a result of improper SQL processing. By using a specially crafted SQL operation, the administrator could exploit the vulnerability to perform additional administrator operations. IBM X-Force ID: 244510."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244510",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6987767",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2023/CVE-2023-249xx/CVE-2023-24958.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-24958",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-04T14:15:10.173",
"lastModified": "2023-05-04T14:15:10.173",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and 8.53.0.63 could allow an authenticated user to submit a specially crafted URL leading to privilege escalation and remote code execution. IBM X-Force ID: 246320."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/246320",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6980845",
"source": "psirt@us.ibm.com"
}
]
}

55
CVE-2023/CVE-2023-260xx/CVE-2023-26010.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-26010",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-04T14:15:10.593",
"lastModified": "2023-05-04T14:15:10.593",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPMobile.App plugin <=\u00a011.18 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wpappninja/wordpress-wpmobile-app-android-and-ios-mobile-application-plugin-11-18-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-260xx/CVE-2023-26012.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-26012",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-04T14:15:11.090",
"lastModified": "2023-05-04T14:15:11.090",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Denzel Chia | Phire Design Custom Login Page plugin <=\u00a02.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-custom-login-page/wordpress-custom-login-page-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

64
CVE-2023/CVE-2023-260xx/CVE-2023-26061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26061",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T17:15:10.627",
"lastModified": "2023-04-24T17:43:16.267",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:20:01.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20.1",
"matchCriteriaId": "C5E0663C-CBA9-4808-895C-7E2A04D919F3"
}
]
}
]
}
],
"references": [
{
"url": "https://nokia.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.ptsecurity.com/ww-en/analytics/threatscape/pt-2022-05/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-280xx/CVE-2023-28086.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-28086",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-04-25T19:15:10.753",
"lastModified": "2023-05-04T14:56:37.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An HPE OneView appliance dump may expose proxy credential settings"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "6.60.04",
"matchCriteriaId": "BA5D7ED2-08B6-478C-BC68-F9B6B84A9666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "1489D2EF-12C5-4540-A69E-326B4C41A4E3"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-280xx/CVE-2023-28087.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-28087",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-04-25T19:15:10.817",
"lastModified": "2023-05-04T14:53:25.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An HPE OneView appliance dump may expose OneView user accounts"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "6.60.04",
"matchCriteriaId": "BA5D7ED2-08B6-478C-BC68-F9B6B84A9666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "1489D2EF-12C5-4540-A69E-326B4C41A4E3"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-280xx/CVE-2023-28088.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-28088",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-04-25T19:15:10.873",
"lastModified": "2023-05-04T14:30:04.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An HPE OneView appliance dump may expose SAN switch administrative credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "6.60.04",
"matchCriteriaId": "BA5D7ED2-08B6-478C-BC68-F9B6B84A9666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "1489D2EF-12C5-4540-A69E-326B4C41A4E3"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-280xx/CVE-2023-28089.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-28089",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-04-25T19:15:10.927",
"lastModified": "2023-05-04T14:27:34.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An HPE OneView appliance dump may expose FTP credentials for c7000 Interconnect Modules"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "6.60.04",
"matchCriteriaId": "BA5D7ED2-08B6-478C-BC68-F9B6B84A9666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "1489D2EF-12C5-4540-A69E-326B4C41A4E3"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-280xx/CVE-2023-28090.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2023-28090",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-04-25T19:15:10.980",
"lastModified": "2023-05-04T14:16:23.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An HPE OneView appliance dump may expose SNMPv3 read credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "6.60.04",
"matchCriteriaId": "BA5D7ED2-08B6-478C-BC68-F9B6B84A9666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:oneview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "1489D2EF-12C5-4540-A69E-326B4C41A4E3"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04469en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-290xx/CVE-2023-29019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29019",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-21T23:15:20.197",
"lastModified": "2023-04-24T13:02:13.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:43:34.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,20 +64,64 @@
"value": "CWE-384"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fastify:passport:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "1.1.0",
"matchCriteriaId": "3F071BA9-FBA0-4860-9B99-9D48230422D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fastify:passport:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.3.0",
"matchCriteriaId": "341AD078-D84A-45B6-876F-7FA286EECAAA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fastify/fastify-passport/commit/43c82c321db58ea3e375dd475de60befbfcf2a11",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/fastify/fastify-passport/security/advisories/GHSA-4m3m-ppvx-xgw9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://owasp.org/www-community/attacks/Session_fixation",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
}
]
}

81
CVE-2023/CVE-2023-297xx/CVE-2023-29780.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-29780",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-24T19:15:09.767",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:54:20.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:3reality:3rsb015bz_firmware:1.00.54:*:*:*:*:*:*:*",
"matchCriteriaId": "7E00DF2A-7E43-43AD-9D6A-F4FA98033AEC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:3reality:3rsb015bz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "856A30F4-A58D-477E-86E3-7AFCF6595549"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/iot-sec23/IoT-CVE/blob/main/Third%20Reality%20Smart%20Blind%20Vulnerability%20Report.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.3reality.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

20
CVE-2023/CVE-2023-298xx/CVE-2023-29827.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29827",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T14:15:11.363",
"lastModified": "2023-05-04T14:15:11.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ejs v3.1.9 is vulnerable to server-side template injection. If the ejs file is controllable, template injection can be implemented through the configuration settings of the closeDelimiter parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mde/ejs/issues/720",
"source": "cve@mitre.org"
}
]
}

67
CVE-2023/CVE-2023-306xx/CVE-2023-30619.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-30619",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-04T14:15:11.663",
"lastModified": "2023-05-04T14:15:11.663",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tuleap Open ALM is a Libre and Open Source tool for end to end traceability of application and system developments. The title of an artifact is not properly escaped in the tooltip. A malicious user with the capability to create an artifact or to edit a field title could force victim to execute uncontrolled code. This issue has been patched in version 14.7.99.143.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Enalean/tuleap/commit/fdc93a736cbccad05de16ff0cc7cc3ef18dc93df",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-7fm3-cr3g-5922",
"source": "security-advisories@github.com"
},
{
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=fdc93a736cbccad05de16ff0cc7cc3ef18dc93df",
"source": "security-advisories@github.com"
},
{
"url": "https://tuleap.net/plugins/tracker/?aid=31586",
"source": "security-advisories@github.com"
}
]
}

58
CVE-2023/CVE-2023-306xx/CVE-2023-30623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30623",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-24T22:15:09.870",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T15:54:43.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wip_project:wip:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "D020BBA6-CF6E-436E-8D8E-CF85E0F7F490"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/embano1/wip/commit/c25450f77ed02c20d00b76ee3b33ff43838739a2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/embano1/wip/security/advisories/GHSA-rg3q-prf8-qxmp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://securitylab.github.com/research/github-actions-untrusted-input/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-306xx/CVE-2023-30626.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30626",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-24T21:15:09.687",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:09:25.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,30 +66,71 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.8.0",
"versionEndExcluding": "10.8.10",
"matchCriteriaId": "F5C18A18-B001-405D-9787-509225E4E7D2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jellyfin/jellyfin-web/security/advisories/GHSA-89hp-h43h-r5pq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/jellyfin/jellyfin/blob/22d880662283980dec994cd7d35fe269613bfce3/Jellyfin.Api/Controllers/ClientLogController.cs#L44",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://github.com/jellyfin/jellyfin/commit/82ad2633fdfb1c37a158057c7935f83e1129eda7",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jellyfin/jellyfin/pull/5918",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/jellyfin/jellyfin/releases/tag/v10.8.10",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/jellyfin/jellyfin/security/advisories/GHSA-9p5f-5x8v-x65m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-306xx/CVE-2023-30627.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30627",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-24T21:15:09.760",
"lastModified": "2023-04-25T12:52:57.877",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-04T14:02:22.583",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.8.10",
"matchCriteriaId": "2987978F-8A1B-4CE2-BDC9-A6C5AAA9AE18"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jellyfin/jellyfin-web/commit/b88a5951e1a517ff4c820e693d9c0da981cf68ee",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/jellyfin/jellyfin-web/releases/tag/v10.8.10",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/jellyfin/jellyfin-web/security/advisories/GHSA-89hp-h43h-r5pq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/jellyfin/jellyfin/security/advisories/GHSA-9p5f-5x8v-x65m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

97
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-04T14:00:24.407451+00:00
2023-05-04T16:00:25.332114+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-04T13:58:41.697000+00:00
2023-05-04T15:55:03.020000+00:00
```
### Last Data Feed Release
@ -29,78 +29,47 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214049
214055
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `6`
* [CVE-2022-45818](CVE-2022/CVE-2022-458xx/CVE-2022-45818.json) (`2023-05-04T13:15:13.580`)
* [CVE-2023-25962](CVE-2023/CVE-2023-259xx/CVE-2023-25962.json) (`2023-05-04T13:15:18.060`)
* [CVE-2023-26016](CVE-2023/CVE-2023-260xx/CVE-2023-26016.json) (`2023-05-04T13:15:18.633`)
* [CVE-2023-23470](CVE-2023/CVE-2023-234xx/CVE-2023-23470.json) (`2023-05-04T14:15:08.847`)
* [CVE-2023-24958](CVE-2023/CVE-2023-249xx/CVE-2023-24958.json) (`2023-05-04T14:15:10.173`)
* [CVE-2023-26010](CVE-2023/CVE-2023-260xx/CVE-2023-26010.json) (`2023-05-04T14:15:10.593`)
* [CVE-2023-26012](CVE-2023/CVE-2023-260xx/CVE-2023-26012.json) (`2023-05-04T14:15:11.090`)
* [CVE-2023-29827](CVE-2023/CVE-2023-298xx/CVE-2023-29827.json) (`2023-05-04T14:15:11.363`)
* [CVE-2023-30619](CVE-2023/CVE-2023-306xx/CVE-2023-30619.json) (`2023-05-04T14:15:11.663`)
### CVEs modified in the last Commit
Recently modified CVEs: `56`
Recently modified CVEs: `22`
* [CVE-2017-11197](CVE-2017/CVE-2017-111xx/CVE-2017-11197.json) (`2023-05-04T13:03:15.830`)
* [CVE-2017-20184](CVE-2017/CVE-2017-201xx/CVE-2017-20184.json) (`2023-05-04T13:03:05.007`)
* [CVE-2020-22429](CVE-2020/CVE-2020-224xx/CVE-2020-22429.json) (`2023-05-04T13:03:12.273`)
* [CVE-2021-33971](CVE-2021/CVE-2021-339xx/CVE-2021-33971.json) (`2023-05-04T13:42:40.960`)
* [CVE-2021-3429](CVE-2021/CVE-2021-34xx/CVE-2021-3429.json) (`2023-05-04T13:00:46.217`)
* [CVE-2022-39161](CVE-2022/CVE-2022-391xx/CVE-2022-39161.json) (`2023-05-04T13:03:12.273`)
* [CVE-2022-4259](CVE-2022/CVE-2022-42xx/CVE-2022-4259.json) (`2023-05-04T13:03:05.007`)
* [CVE-2022-4376](CVE-2022/CVE-2022-43xx/CVE-2022-4376.json) (`2023-05-04T13:03:12.273`)
* [CVE-2022-43950](CVE-2022/CVE-2022-439xx/CVE-2022-43950.json) (`2023-05-04T13:03:12.273`)
* [CVE-2022-45858](CVE-2022/CVE-2022-458xx/CVE-2022-45858.json) (`2023-05-04T13:03:12.273`)
* [CVE-2022-45859](CVE-2022/CVE-2022-458xx/CVE-2022-45859.json) (`2023-05-04T13:03:12.273`)
* [CVE-2022-45860](CVE-2022/CVE-2022-458xx/CVE-2022-45860.json) (`2023-05-04T13:03:12.273`)
* [CVE-2022-47757](CVE-2022/CVE-2022-477xx/CVE-2022-47757.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-0155](CVE-2023/CVE-2023-01xx/CVE-2023-0155.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-0485](CVE-2023/CVE-2023-04xx/CVE-2023-0485.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-0756](CVE-2023/CVE-2023-07xx/CVE-2023-0756.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-0805](CVE-2023/CVE-2023-08xx/CVE-2023-0805.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-1178](CVE-2023/CVE-2023-11xx/CVE-2023-1178.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-1204](CVE-2023/CVE-2023-12xx/CVE-2023-1204.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-1265](CVE-2023/CVE-2023-12xx/CVE-2023-1265.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-1836](CVE-2023/CVE-2023-18xx/CVE-2023-1836.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-1965](CVE-2023/CVE-2023-19xx/CVE-2023-1965.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-2069](CVE-2023/CVE-2023-20xx/CVE-2023-2069.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-2182](CVE-2023/CVE-2023-21xx/CVE-2023-2182.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-22637](CVE-2023/CVE-2023-226xx/CVE-2023-22637.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-22640](CVE-2023/CVE-2023-226xx/CVE-2023-22640.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-22651](CVE-2023/CVE-2023-226xx/CVE-2023-22651.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-22913](CVE-2023/CVE-2023-229xx/CVE-2023-22913.json) (`2023-05-04T13:17:24.853`)
* [CVE-2023-22917](CVE-2023/CVE-2023-229xx/CVE-2023-22917.json) (`2023-05-04T13:28:13.717`)
* [CVE-2023-22948](CVE-2023/CVE-2023-229xx/CVE-2023-22948.json) (`2023-05-04T13:32:19.617`)
* [CVE-2023-22950](CVE-2023/CVE-2023-229xx/CVE-2023-22950.json) (`2023-05-04T13:31:57.710`)
* [CVE-2023-24744](CVE-2023/CVE-2023-247xx/CVE-2023-24744.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-25438](CVE-2023/CVE-2023-254xx/CVE-2023-25438.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-25934](CVE-2023/CVE-2023-259xx/CVE-2023-25934.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-26060](CVE-2023/CVE-2023-260xx/CVE-2023-26060.json) (`2023-05-04T13:52:08.417`)
* [CVE-2023-26125](CVE-2023/CVE-2023-261xx/CVE-2023-26125.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-26203](CVE-2023/CVE-2023-262xx/CVE-2023-26203.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-27075](CVE-2023/CVE-2023-270xx/CVE-2023-27075.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-27568](CVE-2023/CVE-2023-275xx/CVE-2023-27568.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-27993](CVE-2023/CVE-2023-279xx/CVE-2023-27993.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-27999](CVE-2023/CVE-2023-279xx/CVE-2023-27999.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-28458](CVE-2023/CVE-2023-284xx/CVE-2023-28458.json) (`2023-05-04T12:38:48.727`)
* [CVE-2023-28459](CVE-2023/CVE-2023-284xx/CVE-2023-28459.json) (`2023-05-04T12:38:31.430`)
* [CVE-2023-28983](CVE-2023/CVE-2023-289xx/CVE-2023-28983.json) (`2023-05-04T13:01:39.027`)
* [CVE-2023-29002](CVE-2023/CVE-2023-290xx/CVE-2023-29002.json) (`2023-05-04T13:01:18.917`)
* [CVE-2023-29842](CVE-2023/CVE-2023-298xx/CVE-2023-29842.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-30077](CVE-2023/CVE-2023-300xx/CVE-2023-30077.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-30204](CVE-2023/CVE-2023-302xx/CVE-2023-30204.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-30205](CVE-2023/CVE-2023-302xx/CVE-2023-30205.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-30300](CVE-2023/CVE-2023-303xx/CVE-2023-30300.json) (`2023-05-04T13:03:12.273`)
* [CVE-2023-30331](CVE-2023/CVE-2023-303xx/CVE-2023-30331.json) (`2023-05-04T13:03:05.007`)
* [CVE-2023-30410](CVE-2023/CVE-2023-304xx/CVE-2023-30410.json) (`2023-05-04T13:58:28.100`)
* [CVE-2023-30414](CVE-2023/CVE-2023-304xx/CVE-2023-30414.json) (`2023-05-04T13:58:41.697`)
* [CVE-2023-30618](CVE-2023/CVE-2023-306xx/CVE-2023-30618.json) (`2023-05-04T12:37:53.263`)
* [CVE-2023-30622](CVE-2023/CVE-2023-306xx/CVE-2023-30622.json) (`2023-05-04T12:53:56.153`)
* [CVE-2023-31099](CVE-2023/CVE-2023-310xx/CVE-2023-31099.json) (`2023-05-04T13:03:05.007`)
* [CVE-2022-29604](CVE-2022/CVE-2022-296xx/CVE-2022-29604.json) (`2023-05-04T15:38:23.023`)
* [CVE-2022-29605](CVE-2022/CVE-2022-296xx/CVE-2022-29605.json) (`2023-05-04T15:35:35.327`)
* [CVE-2023-1624](CVE-2023/CVE-2023-16xx/CVE-2023-1624.json) (`2023-05-04T15:30:50.530`)
* [CVE-2023-2006](CVE-2023/CVE-2023-20xx/CVE-2023-2006.json) (`2023-05-04T14:42:56.097`)
* [CVE-2023-2019](CVE-2023/CVE-2023-20xx/CVE-2023-2019.json) (`2023-05-04T14:42:28.350`)
* [CVE-2023-2250](CVE-2023/CVE-2023-22xx/CVE-2023-2250.json) (`2023-05-04T14:41:52.360`)
* [CVE-2023-2257](CVE-2023/CVE-2023-22xx/CVE-2023-2257.json) (`2023-05-04T15:55:03.020`)
* [CVE-2023-2282](CVE-2023/CVE-2023-22xx/CVE-2023-2282.json) (`2023-05-04T15:16:53.583`)
* [CVE-2023-22914](CVE-2023/CVE-2023-229xx/CVE-2023-22914.json) (`2023-05-04T14:32:03.143`)
* [CVE-2023-22915](CVE-2023/CVE-2023-229xx/CVE-2023-22915.json) (`2023-05-04T14:44:10.363`)
* [CVE-2023-23451](CVE-2023/CVE-2023-234xx/CVE-2023-23451.json) (`2023-05-04T15:24:37.877`)
* [CVE-2023-26061](CVE-2023/CVE-2023-260xx/CVE-2023-26061.json) (`2023-05-04T15:20:01.543`)
* [CVE-2023-28086](CVE-2023/CVE-2023-280xx/CVE-2023-28086.json) (`2023-05-04T14:56:37.440`)
* [CVE-2023-28087](CVE-2023/CVE-2023-280xx/CVE-2023-28087.json) (`2023-05-04T14:53:25.137`)
* [CVE-2023-28088](CVE-2023/CVE-2023-280xx/CVE-2023-28088.json) (`2023-05-04T14:30:04.933`)
* [CVE-2023-28089](CVE-2023/CVE-2023-280xx/CVE-2023-28089.json) (`2023-05-04T14:27:34.107`)
* [CVE-2023-28090](CVE-2023/CVE-2023-280xx/CVE-2023-28090.json) (`2023-05-04T14:16:23.857`)
* [CVE-2023-29019](CVE-2023/CVE-2023-290xx/CVE-2023-29019.json) (`2023-05-04T14:43:34.297`)
* [CVE-2023-29780](CVE-2023/CVE-2023-297xx/CVE-2023-29780.json) (`2023-05-04T15:54:20.907`)
* [CVE-2023-30623](CVE-2023/CVE-2023-306xx/CVE-2023-30623.json) (`2023-05-04T15:54:43.193`)
* [CVE-2023-30626](CVE-2023/CVE-2023-306xx/CVE-2023-30626.json) (`2023-05-04T14:09:25.893`)
* [CVE-2023-30627](CVE-2023/CVE-2023-306xx/CVE-2023-30627.json) (`2023-05-04T14:02:22.583`)
## Download and Usage