admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-28T18:00:25.208893+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-28 18:00:28 +00:00
parent ab1c5f0414
commit 247db77440
59 changed files with 4497 additions and 353 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
CVE-2014/CVE-2014-26xx/CVE-2014-2648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-2648",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2014-10-10T01:55:08.087",
"lastModified": "2019-10-09T23:10:17.573",
"vulnStatus": "Modified",
"lastModified": "2023-09-28T16:07:06.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -78,9 +78,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"vulnerable": false,
"criteria": "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A90CB3A-9BE7-475C-9E75-6ECAD2106302"
}
]
}
@ -92,6 +92,7 @@
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04472866",
"source": "hp-security-alert@hp.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}

8
CVE-2020/CVE-2020-191xx/CVE-2020-19189.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-19189",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:01.020",
"lastModified": "2023-08-25T02:44:36.077",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-28T16:15:10.013",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -71,6 +71,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00033.html",
"source": "cve@mitre.org"
}
]
}

52
CVE-2022/CVE-2022-485xx/CVE-2022-48560.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48560",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:31.827",
"lastModified": "2023-09-20T22:15:11.670",
"vulnStatus": "Modified",
"lastModified": "2023-09-28T16:05:50.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -53,12 +53,50 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.6.11",
"matchCriteriaId": "5F9F5F4E-6F2C-4780-9606-C42845E13FF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7.0",
"versionEndIncluding": "3.9.0",
"matchCriteriaId": "FFF8C84C-9C4F-4D5A-BA22-1BD645F3D7AB"
"versionEndExcluding": "3.7.7",
"matchCriteriaId": "828A83C6-F100-486D-963B-363062C5FAA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.8.2",
"matchCriteriaId": "368003C0-1D3C-4A3D-A998-A2406DB72ACB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.9.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "2E45B3B6-8458-4C88-99FC-C21D6987AA41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.9.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "D05F0EE6-213A-48AF-8217-502681E10421"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
@ -78,7 +116,11 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

26
CVE-2022/CVE-2022-485xx/CVE-2022-48564.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48564",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:31.927",
"lastModified": "2023-08-26T02:19:42.870",
"lastModified": "2023-09-28T16:05:22.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,9 +56,27 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.4.0",
"versionEndIncluding": "3.10.0",
"matchCriteriaId": "453AFE7D-BB31-43A1-A0E8-1B35464927F7"
"versionEndExcluding": "3.7.7",
"matchCriteriaId": "4EED37C7-A681-40B6-BC79-A47AF7D9C495"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.8.2",
"matchCriteriaId": "368003C0-1D3C-4A3D-A998-A2406DB72ACB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.1",
"matchCriteriaId": "B6D7EFB7-52A8-4C10-B5F9-6F599F94CDC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:3.10.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "D3A22303-914F-4EB6-9CCE-EE0D5EDB424B"
}
]
}

50
CVE-2022/CVE-2022-485xx/CVE-2022-48565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48565",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:32.007",
"lastModified": "2023-09-20T22:15:11.847",
"vulnStatus": "Modified",
"lastModified": "2023-09-28T16:06:15.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -56,9 +56,44 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.9.1",
"matchCriteriaId": "B43C829B-7FDF-4D02-90BF-9EFE77EB8659"
"versionEndExcluding": "3.6.13",
"matchCriteriaId": "BB8842D9-B554-4B83-9E2E-0FAF292E448A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7.0",
"versionEndExcluding": "3.7.10",
"matchCriteriaId": "EEB52F35-D464-4C26-A253-1B96B2A4921A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.8.7",
"matchCriteriaId": "0B3EA658-770C-4707-814A-494492D8962F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.1",
"matchCriteriaId": "B6D7EFB7-52A8-4C10-B5F9-6F599F94CDC7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
@ -78,7 +113,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-485xx/CVE-2022-48566.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48566",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:32.087",
"lastModified": "2023-09-20T22:15:12.050",
"vulnStatus": "Modified",
"lastModified": "2023-09-28T16:06:42.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -56,9 +56,44 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.9.1",
"matchCriteriaId": "B43C829B-7FDF-4D02-90BF-9EFE77EB8659"
"versionEndExcluding": "3.6.13",
"matchCriteriaId": "BB8842D9-B554-4B83-9E2E-0FAF292E448A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.7.0",
"versionEndExcluding": "3.7.10",
"matchCriteriaId": "EEB52F35-D464-4C26-A253-1B96B2A4921A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.8.0",
"versionEndExcluding": "3.8.7",
"matchCriteriaId": "0B3EA658-770C-4707-814A-494492D8962F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.9.0",
"versionEndExcluding": "3.9.1",
"matchCriteriaId": "B6D7EFB7-52A8-4C10-B5F9-6F599F94CDC7"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
@ -78,7 +113,11 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

105
CVE-2022/CVE-2022-486xx/CVE-2022-48606.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2022-48606",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:16:03.060",
"lastModified": "2023-09-27T15:41:20.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:40:49.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stability-related vulnerability in the binder background management and control module. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Vulnerabilidad relacionada con la estabilidad en el m\u00f3dulo de control y gesti\u00f3n en segundo plano del binder. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81995662-9C41-4E88-888D-C50703F858F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-304xx/CVE-2023-30415.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30415",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T16:15:10.563",
"lastModified": "2023-09-28T16:15:10.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/view_inquiry.php."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/174758/Packers-And-Movers-Management-System-1.0-SQL-Injection.html",
"source": "cve@mitre.org"
},
{
"url": "https://robsware.github.io/2023/09/01/firstcve",
"source": "cve@mitre.org"
}
]
}

10
CVE-2023/CVE-2023-306xx/CVE-2023-30630.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30630",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-13T16:15:07.930",
"lastModified": "2023-04-21T04:18:29.750",
"lastModified": "2023-09-28T17:54:17.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
"impactScore": 5.2
}
]
},

260
CVE-2023/CVE-2023-32xx/CVE-2023-3223.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-3223",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-27T15:18:56.457",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:43:18.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en el undertow. Los servlets anotados con @MultipartConfig pueden causar un OutOfMemoryError debido a un gran contenido multiparte. Esto puede permitir que usuarios no autorizados provoquen un ataque remoto de denegaci\u00f3n de servicio (DoS). Si el servidor usa fileSizeThreshold para limitar el tama\u00f1o del archivo, es posible evitar el l\u00edmite estableciendo el nombre del archivo en la solicitud en nulo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,50 +58,260 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:undertow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.24",
"matchCriteriaId": "ADFD3441-27E7-4993-9EB5-586534A49865"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "EA983F8C-3A06-450A-AEFF-9429DE9A3454"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "40449571-22F8-44FA-B57B-B43F71AB25E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8C519B1A-1CD6-426C-9339-F28E4FEF581B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "91EE3858-A648-44B4-B282-8F808D88D3B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "30E2CF79-2D56-48AB-952E-5DDAFE471073"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "54E24055-813B-4E6D-94B7-FAD5F78B8537"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform_text-only_advisories:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81E5B0F1-E150-4F22-9A9C-FB477540874C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:single_sign-on:-:*:*:*:text-only:*:*:*",
"matchCriteriaId": "341E6313-20D5-44CB-9719-B20585DC5AD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:single_sign-on:7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2DEC61BC-E699-456E-99B6-C049F2A5F23F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "645A908C-18C2-4AB1-ACE7-3969E3A552A5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:4505",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4506",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4507",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4509",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4918",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4919",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4920",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4921",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:4924",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3223",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209689",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

15
CVE-2023/CVE-2023-391xx/CVE-2023-39195.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-39195",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-28T17:15:11.223",
"lastModified": "2023-09-28T17:15:11.223",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** CVE-2023-39195 was found to be a duplicate of CVE-2023-42755. Please see https://access.redhat.com/security/cve/CVE-2023-42755 for more information."
}
],
"metrics": {},
"references": []
}

131
CVE-2023/CVE-2023-403xx/CVE-2023-40395.json
View File

@ -2,39 +2,152 @@
"id": "CVE-2023-40395",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:06.457",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:34:04.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access contacts."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en tvOS 17, iOS 16.7 y iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a los contactos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "14.0",
"matchCriteriaId": "1FE2344E-3EEC-4F30-B9CB-6E3F8A663C4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-403xx/CVE-2023-40399.json
View File

@ -2,31 +2,128 @@
"id": "CVE-2023-40399",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:06.927",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:34:13.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to disclose kernel memory."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda revelar la memoria del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-404xx/CVE-2023-40400.json
View File

@ -2,31 +2,128 @@
"id": "CVE-2023-40400",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:07.467",
"lastModified": "2023-09-27T15:41:01.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:34:55.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. Un usuario remoto puede provocar la finalizaci\u00f3n inesperada de una aplicaci\u00f3n o la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

137
CVE-2023/CVE-2023-404xx/CVE-2023-40403.json
View File

@ -2,43 +2,160 @@
"id": "CVE-2023-40403",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:08.120",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:35:06.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may disclose sensitive information."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, iOS 16.7 y iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. El procesamiento de contenido web puede revelar informaci\u00f3n sensible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

89
CVE-2023/CVE-2023-404xx/CVE-2023-40406.json
View File

@ -2,27 +2,104 @@
"id": "CVE-2023-40406",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:08.360",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:35:13.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, macOS Sonoma 14. An app may be able to read arbitrary files."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en macOS Monterey 12.7, macOS Ventura 13.6, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda leer archivos arbitrarios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

131
CVE-2023/CVE-2023-404xx/CVE-2023-40410.json
View File

@ -2,39 +2,152 @@
"id": "CVE-2023-40410",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:08.987",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:36:35.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory."
},
{
"lang": "es",
"value": "Se solucion\u00f3 una lectura fuera de l\u00edmites con una validaci\u00f3n de entrada mejorada. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda revelar la memoria del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

125
CVE-2023/CVE-2023-404xx/CVE-2023-40412.json
View File

@ -2,35 +2,144 @@
"id": "CVE-2023-40412",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:09.060",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:36:43.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17. Es posible que una aplicaci\u00f3n pueda ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-404xx/CVE-2023-40417.json
View File

@ -2,31 +2,128 @@
"id": "CVE-2023-40417",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:09.143",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:36:53.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A window management issue was addressed with improved state management. This issue is fixed in Safari 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Visiting a website that frames malicious content may lead to UI spoofing."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de gesti\u00f3n de ventanas mejorando la gesti\u00f3n del estado. Este problema se solucion\u00f3 en Safari 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. Visitar un sitio web que enmarque contenido malicioso puede provocar una suplantaci\u00f3n de la interfaz de usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93FB6D0F-A668-47CF-A63D-755CA3BA259A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213941",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-404xx/CVE-2023-40418.json
View File

@ -2,19 +2,97 @@
"id": "CVE-2023-40418",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:09.213",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:38:02.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con una gesti\u00f3n de estado mejorada. Este problema se solucion\u00f3 en watchOS 10. Es posible que un Apple Watch Ultra no se bloquee cuando se usa la aplicaci\u00f3n Depth."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:apple:watch_ultra:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74A68CE9-752C-4071-BC48-05DE830DFAC6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:apple:watch_ultra_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F86A5C-DACA-4933-85CD-C0E45DE43DAD"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

99
CVE-2023/CVE-2023-404xx/CVE-2023-40419.json
View File

@ -2,27 +2,114 @@
"id": "CVE-2023-40419",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:09.297",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:38:11.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to gain elevated privileges."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10. Es posible que una aplicaci\u00f3n pueda obtener privilegios elevados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

137
CVE-2023/CVE-2023-404xx/CVE-2023-40420.json
View File

@ -2,43 +2,160 @@
"id": "CVE-2023-40420",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:09.533",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:38:19.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, iOS 16.7 y iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. El procesamiento de contenido web puede provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-404xx/CVE-2023-40422.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-40422",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:10.417",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:38:25.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to cause a denial-of-service."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

99
CVE-2023/CVE-2023-404xx/CVE-2023-40424.json
View File

@ -2,27 +2,114 @@
"id": "CVE-2023-40424",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:11.160",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T17:38:30.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to access user-sensitive data."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a datos sensibles del usuario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-404xx/CVE-2023-40435.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-40435",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:15.613",
"lastModified": "2023-09-27T15:41:01.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:57:04.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed by enabling hardened runtime. This issue is fixed in Xcode 15. An app may be able to access App Store credentials."
},
{
"lang": "es",
"value": "Este problema se solucion\u00f3 habilitando el tiempo de ejecuci\u00f3n reforzado. Este problema se solucion\u00f3 en Xcode 15. Es posible que una aplicaci\u00f3n pueda acceder a las credenciales de la App Store."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.0",
"matchCriteriaId": "3F8A729D-45AA-4E88-AB5B-E2C1241834D0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213939",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

96
CVE-2023/CVE-2023-405xx/CVE-2023-40520.json
View File

@ -2,27 +2,111 @@
"id": "CVE-2023-40520",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:19.293",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:43:32.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to access edited photos saved to a temporary directory."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10. Es posible que una aplicaci\u00f3n pueda acceder a las fotos editadas guardadas en un directorio temporal."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40663.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40663",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:21.140",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:40:06.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rextheme WP VR plugin <=\u00a08.3.4 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Rextheme WP VR en versiones &lt;= 8.3.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rextheme:wp_vr:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.3.4",
"matchCriteriaId": "3A111869-87A3-4BAA-B07B-D7A2965000FD"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wpvr/wordpress-wp-vr-plugin-8-3-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40664.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40664",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:21.607",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:47:59.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy \u2013 Smart Donations plugin <=\u00a04.0.12 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento RedNao Donations Made Easy \u2013 Smart Donations en versiones &lt;= 4.0.12."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rednao:smart_donations:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.12",
"matchCriteriaId": "1458929D-F542-48E5-B5E4-B2016077739A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/smart-donations/wordpress-donations-made-easy-smart-donations-plugin-4-0-12-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40667.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40667",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:22.587",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:18:03.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Simple URLs plugin <=\u00a0117 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Lasso Simple URLs en versiones &lt;= 117."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getlasso:simple_urls:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "117",
"matchCriteriaId": "53061F55-E040-4E23-AE2B-83F3EFF78B12"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-urls/wordpress-simple-urls-plugin-117-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-410xx/CVE-2023-41063.json
View File

@ -2,35 +2,125 @@
"id": "CVE-2023-41063",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:24.917",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:16:01.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, iOS 16.7 y iPadOS 16.7, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-410xx/CVE-2023-41065.json
View File

@ -2,31 +2,128 @@
"id": "CVE-2023-41065",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:25.397",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:15:51.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. An app may be able to read sensitive location information."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n sensible de ubicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-410xx/CVE-2023-41066.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-41066",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:25.900",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:15:20.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to unexpectedly leak a user's credentials from secure text fields."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de autenticaci\u00f3n con una gesti\u00f3n de estado mejorada. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda filtrar inesperadamente las credenciales de un usuario desde campos de texto seguros."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-410xx/CVE-2023-41067.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-41067",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.023",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:15:02.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en macOS Sonoma 14. Una aplicaci\u00f3n puede pasar por alto las comprobaciones de Gatekeeper."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

105
CVE-2023/CVE-2023-410xx/CVE-2023-41068.json
View File

@ -2,31 +2,122 @@
"id": "CVE-2023-41068",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.157",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:14:49.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7. A user may be able to elevate privileges."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de acceso mejorando las restricciones de acceso. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, iOS 16.7 y iPadOS 16.7. Un usuario puede aumentar sus privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-410xx/CVE-2023-41070.json
View File

@ -2,35 +2,131 @@
"id": "CVE-2023-41070",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.273",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:14:34.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de l\u00f3gica con controles mejorados. Este problema se solucion\u00f3 en macOS Ventura 13.6, iOS 16.7 y iPadOS 16.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a datos sensibles registrados cuando un usuario comparte un enlace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-410xx/CVE-2023-41071.json
View File

@ -2,31 +2,129 @@
"id": "CVE-2023-41071",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.373",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:13:52.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Ventura 13.6. An app may be able to execute arbitrary code with kernel privileges."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de use-after-free con una gesti\u00f3n de memoria mejorada. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10, macOS Ventura 13.6. Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

137
CVE-2023/CVE-2023-410xx/CVE-2023-41073.json
View File

@ -2,43 +2,160 @@
"id": "CVE-2023-41073",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.463",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:13:38.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authorization issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access protected user data."
},
{
"lang": "es",
"value": "Se abord\u00f3 un problema de autorizaci\u00f3n con una mejor gesti\u00f3n estatal. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, iOS 16.7 y iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a datos de usuario protegidos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

125
CVE-2023/CVE-2023-410xx/CVE-2023-41074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41074",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.570",
"lastModified": "2023-09-28T15:15:11.770",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T16:58:52.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,138 @@
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en tvOS 17, Safari 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. El procesamiento de contenido web puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93FB6D0F-A668-47CF-A63D-755CA3BA259A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/3",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213941",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-410xx/CVE-2023-41078.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-41078",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.683",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:28:17.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authorization issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14. An app may be able to bypass certain Privacy preferences."
},
{
"lang": "es",
"value": "Se abord\u00f3 un problema de autorizaci\u00f3n con una mejor gesti\u00f3n estatal. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda omitir ciertas preferencias de privacidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

99
CVE-2023/CVE-2023-411xx/CVE-2023-41174.json
View File

@ -2,27 +2,114 @@
"id": "CVE-2023-41174",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.867",
"lastModified": "2023-09-27T15:41:07.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:29:44.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to execute arbitrary code with kernel privileges."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de la memoria. Este problema se solucion\u00f3 en tvOS 17, iOS 17 y iPadOS 17, watchOS 10. Es posible que una aplicaci\u00f3n pueda ejecutar c\u00f3digo arbitrario con privilegios del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

107
CVE-2023/CVE-2023-412xx/CVE-2023-41232.json
View File

@ -2,31 +2,124 @@
"id": "CVE-2023-41232",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.957",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:47:02.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.7, iOS 17 and iPadOS 17, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. An app may be able to disclose kernel memory."
},
{
"lang": "es",
"value": "Se solucion\u00f3 una lectura fuera de l\u00edmites con una verificaci\u00f3n de l\u00edmites mejorada. Este problema se solucion\u00f3 en macOS Monterey 12.7, iOS 17 y iPadOS 17, macOS Ventura 13.6, iOS 16.7 y iPadOS 16.7. Es posible que una aplicaci\u00f3n pueda revelar la memoria del kernel."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "1CEB5BA1-7092-4ADE-B19F-FD34CB53CCC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.7",
"matchCriteriaId": "3FC8EB94-1D4F-4CE8-83D0-9086D1EBBC8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "38A33420-FEB8-498F-A513-5DC0EEC52B1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-412xx/CVE-2023-41242.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-41242",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:28.310",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:44:54.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hassan Ali Snap Pixel plugin <=\u00a01.5.7 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Hassan Ali Snap Pixel en versiones &lt;= 1.5.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:creativehassan:snap_pixel:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.7",
"matchCriteriaId": "12424E62-BBF4-409A-81C3-C03FF68C656B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/snap-pixel/wordpress-snap-pixel-plugin-1-5-7-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-413xx/CVE-2023-41305.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-41305",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:28.437",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:06:00.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of 5G messages being sent without being encrypted in a VPN environment in the SMS message module. Successful exploitation of this vulnerability may affect confidentiality."
},
{
"lang": "es",
"value": "Vulnerabilidad del env\u00edo de mensajes 5G sin estar cifrados en un entorno VPN en el m\u00f3dulo de mensajes SMS. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81995662-9C41-4E88-888D-C50703F858F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2023/CVE-2023-413xx/CVE-2023-41306.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-41306",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:28.560",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:10:39.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable."
},
{
"lang": "es",
"value": "Vulnerabilidad de la gesti\u00f3n de mutex en el m\u00f3dulo de aplicaci\u00f3n confiable (TA) de identificaci\u00f3n de voz bone. La explotaci\u00f3n exitosa de esta vulnerabilidad puede hacer que la funci\u00f3n de identificaci\u00f3n de voz bone no est\u00e9 disponible."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81995662-9C41-4E88-888D-C50703F858F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-413xx/CVE-2023-41307.json
View File

@ -2,23 +2,105 @@
"id": "CVE-2023-41307",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:28.660",
"lastModified": "2023-09-27T15:41:31.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:08:01.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Memory overwriting vulnerability in the security module. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Vulnerabilidad de sobrescritura de memoria en el m\u00f3dulo de seguridad. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81995662-9C41-4E88-888D-C50703F858F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

105
CVE-2023/CVE-2023-413xx/CVE-2023-41309.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-41309",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:28.830",
"lastModified": "2023-09-27T15:41:31.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:07:39.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Permission control vulnerability in the MediaPlaybackController module. Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Vulnerabilidad de control de permisos en el m\u00f3dulo MediaPlaybackController. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81995662-9C41-4E88-888D-C50703F858F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-413xx/CVE-2023-41310.json
View File

@ -2,23 +2,130 @@
"id": "CVE-2023-41310",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:29.063",
"lastModified": "2023-09-27T15:41:31.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T16:03:40.263",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Keep-alive vulnerability in the sticky broadcast mechanism. Successful exploitation of this vulnerability may cause malicious apps to run continuously in the background."
},
{
"lang": "es",
"value": "Vulnerabilidad de Keep-alive en el mecanismo de transmisi\u00f3n fija. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar que aplicaciones maliciosas se ejecuten continuamente en segundo plano."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "81995662-9C41-4E88-888D-C50703F858F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/9/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202309-0000001638925158",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-414xx/CVE-2023-41450.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41450",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T03:15:11.563",
"lastModified": "2023-09-28T12:44:04.973",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:55:39.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter."
},
{
"lang": "es",
"value": "Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro reque."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ajaxnewsticker.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Product"
]
},
{
"url": "http://phpkobo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

50
CVE-2023/CVE-2023-416xx/CVE-2023-41653.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-41653",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:30.460",
"lastModified": "2023-09-27T15:41:01.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:16:29.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Beplus Sermon'e \u2013 Sermons Online plugin <=\u00a01.0.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en complemento Beplus Sermon'e \u2013 Sermons Online &lt;= versiones 1.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bearthemes:sermon\\'e_-_sermons_online:1.0.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "B5146088-29FE-4090-8415-3A7783358928"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sermone-online-sermons-management/wordpress-sermon-e-sermons-online-plugin-1-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-418xx/CVE-2023-41860.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-41860",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:30.587",
"lastModified": "2023-09-27T15:41:01.547",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:48:04.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Cross-Site Scripting (XSS) vulnerability in TravelMap plugin <=\u00a01.0.1 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) No Autenticada en el complemento TravelMap &lt;= versiones 1.0.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:travelmap:travelmap:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "535F47AE-04E3-47D8-A005-E929C3FD4DC0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/travelmap-blog/wordpress-travel-map-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-418xx/CVE-2023-41861.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-41861",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:30.727",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:49:32.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Restrict plugin <=\u00a02.2.4 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada del complemento Restrict en versiones &lt;= 2.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tickera:restrict:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.5",
"matchCriteriaId": "1A9F7828-266A-46FC-935B-E0D35A8BCFDA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/restricted-content/wordpress-restrict-membership-site-content-and-user-access-restrictions-for-wordpress-plugin-2-2-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-419xx/CVE-2023-41904.json
View File

@ -2,19 +2,94 @@
"id": "CVE-2023-41904",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:31.137",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:41:39.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST APIs."
},
{
"lang": "es",
"value": "Zoho ManageEngine ADManager Plus anterior a 7203 permite la omisi\u00f3n de 2FA (para la generaci\u00f3n de AuthToken) en las API REST."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.2",
"matchCriteriaId": "7927FC8C-ED61-4E24-AF57-2D5C0E06AB2A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7200:*:*:*:*:*:*",
"matchCriteriaId": "1AE608DF-E02C-4A63-AD3E-7E3C1B921C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7201:*:*:*:*:*:*",
"matchCriteriaId": "72C14C6D-5C72-4A39-A8FF-93CD89C831C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_admanager_plus:7.2:7202:*:*:*:*:*:*",
"matchCriteriaId": "D47DA377-0AF4-453E-9605-A5F87FA14E61"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-41904.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-424xx/CVE-2023-42486.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-42486",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-27T15:19:32.807",
"lastModified": "2023-09-27T15:41:42.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:50:46.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges.\n\n"
},
{
"lang": "es",
"value": "Fortect - CWE-428: Ruta o elemento de b\u00fasqueda sin comillas, puede ser utilizado por un usuario local para elevar los privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortect:fortect:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.0.0.7",
"matchCriteriaId": "8C03CCDD-0778-4A4B-AA7C-AC7A682307F1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
"source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-431xx/CVE-2023-43187.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-43187",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:33.370",
"lastModified": "2023-09-27T15:41:51.143",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:43:53.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A remote code execution (RCE) vulnerability in the xmlrpc.php endpoint of NodeBB Inc NodeBB forum software prior to v1.18.6 allows attackers to execute arbitrary code via crafted XML-RPC requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) en el endpoint xmlrpc.php del software del foro NodeBB Inc de NodeBB anterior a v1.18.6 permite a los atacantes ejecutar c\u00f3digo arbitrario a trav\u00e9s de solicitudes XML-RPC manipuladas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-91"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.18.6",
"matchCriteriaId": "BEB38CBD-8D29-48F2-A9C6-061120BAB414"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jagat-singh-chaudhary/CVE/blob/main/CVE-2023-43187",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-442xx/CVE-2023-44206.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-44206",
"sourceIdentifier": "security@acronis.com",
"published": "2023-09-27T15:19:39.407",
"lastModified": "2023-09-27T15:41:26.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T17:51:42.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sensitive information disclosure and manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 15 (Linux, Windows) before build 35979."
},
{
"lang": "es",
"value": "Divulgaci\u00f3n y manipulaci\u00f3n de informaci\u00f3n sensible por autorizaci\u00f3n indebida. Los siguientes productos se ven afectados: Acronis Cyber Protect 15 (Linux, Windows) antes de la compilaci\u00f3n 35979."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +61,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +82,78 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15",
"matchCriteriaId": "547972AF-7F43-4A6D-AFC7-5514DD9995A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update4:*:*:*:*:*:*",
"matchCriteriaId": "9AB8B19B-2B40-4F1B-AE24-1C43D362E4BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update5:*:*:*:*:*:*",
"matchCriteriaId": "69506F27-DEF8-4317-9E54-D79CA430AD4B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-5839",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-51xx/CVE-2023-5186.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-5186",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-28T16:15:10.760",
"lastModified": "2023-09-28T16:15:10.760",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1478889",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-51xx/CVE-2023-5187.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-5187",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-28T16:15:10.883",
"lastModified": "2023-09-28T16:15:10.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1475798",
"source": "chrome-cve-admin@google.com"
}
]
}

24
CVE-2023/CVE-2023-52xx/CVE-2023-5217.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-5217",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-28T16:15:10.980",
"lastModified": "2023-09-28T16:15:10.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
}
],
"metrics": {},
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://crbug.com/1486441",
"source": "chrome-cve-admin@google.com"
}
]
}

87
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-28T16:00:25.322411+00:00
2023-09-28T18:00:25.208893+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-28T15:56:31.800000+00:00
2023-09-28T17:55:39.307000+00:00
```
### Last Data Feed Release
@ -29,66 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226525
226530
```
### CVEs added in the last Commit
Recently added CVEs: `22`
Recently added CVEs: `5`
* [CVE-2022-47186](CVE-2022/CVE-2022-471xx/CVE-2022-47186.json) (`2023-09-28T14:15:16.047`)
* [CVE-2022-47187](CVE-2022/CVE-2022-471xx/CVE-2022-47187.json) (`2023-09-28T14:15:17.927`)
* [CVE-2023-40307](CVE-2023/CVE-2023-403xx/CVE-2023-40307.json) (`2023-09-28T14:15:18.987`)
* [CVE-2023-42756](CVE-2023/CVE-2023-427xx/CVE-2023-42756.json) (`2023-09-28T14:15:21.037`)
* [CVE-2023-43860](CVE-2023/CVE-2023-438xx/CVE-2023-43860.json) (`2023-09-28T14:15:21.783`)
* [CVE-2023-43861](CVE-2023/CVE-2023-438xx/CVE-2023-43861.json) (`2023-09-28T14:15:21.917`)
* [CVE-2023-43862](CVE-2023/CVE-2023-438xx/CVE-2023-43862.json) (`2023-09-28T14:15:22.037`)
* [CVE-2023-43863](CVE-2023/CVE-2023-438xx/CVE-2023-43863.json) (`2023-09-28T14:15:22.207`)
* [CVE-2023-43864](CVE-2023/CVE-2023-438xx/CVE-2023-43864.json) (`2023-09-28T14:15:22.290`)
* [CVE-2023-43865](CVE-2023/CVE-2023-438xx/CVE-2023-43865.json) (`2023-09-28T14:15:22.340`)
* [CVE-2023-43866](CVE-2023/CVE-2023-438xx/CVE-2023-43866.json) (`2023-09-28T14:15:22.383`)
* [CVE-2023-43867](CVE-2023/CVE-2023-438xx/CVE-2023-43867.json) (`2023-09-28T14:15:22.430`)
* [CVE-2023-43868](CVE-2023/CVE-2023-438xx/CVE-2023-43868.json) (`2023-09-28T14:15:22.570`)
* [CVE-2023-43871](CVE-2023/CVE-2023-438xx/CVE-2023-43871.json) (`2023-09-28T14:15:23.883`)
* [CVE-2023-43872](CVE-2023/CVE-2023-438xx/CVE-2023-43872.json) (`2023-09-28T14:15:24.320`)
* [CVE-2023-43873](CVE-2023/CVE-2023-438xx/CVE-2023-43873.json) (`2023-09-28T14:15:25.167`)
* [CVE-2023-43874](CVE-2023/CVE-2023-438xx/CVE-2023-43874.json) (`2023-09-28T14:15:25.783`)
* [CVE-2023-5215](CVE-2023/CVE-2023-52xx/CVE-2023-5215.json) (`2023-09-28T14:15:26.117`)
* [CVE-2023-43876](CVE-2023/CVE-2023-438xx/CVE-2023-43876.json) (`2023-09-28T15:15:12.497`)
* [CVE-2023-43878](CVE-2023/CVE-2023-438xx/CVE-2023-43878.json) (`2023-09-28T15:15:12.573`)
* [CVE-2023-43879](CVE-2023/CVE-2023-438xx/CVE-2023-43879.json) (`2023-09-28T15:15:12.637`)
* [CVE-2023-43884](CVE-2023/CVE-2023-438xx/CVE-2023-43884.json) (`2023-09-28T15:15:12.697`)
* [CVE-2023-30415](CVE-2023/CVE-2023-304xx/CVE-2023-30415.json) (`2023-09-28T16:15:10.563`)
* [CVE-2023-5186](CVE-2023/CVE-2023-51xx/CVE-2023-5186.json) (`2023-09-28T16:15:10.760`)
* [CVE-2023-5187](CVE-2023/CVE-2023-51xx/CVE-2023-5187.json) (`2023-09-28T16:15:10.883`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-09-28T16:15:10.980`)
* [CVE-2023-39195](CVE-2023/CVE-2023-391xx/CVE-2023-39195.json) (`2023-09-28T17:15:11.223`)
### CVEs modified in the last Commit
Recently modified CVEs: `57`
Recently modified CVEs: `53`
* [CVE-2023-40451](CVE-2023/CVE-2023-404xx/CVE-2023-40451.json) (`2023-09-28T15:15:11.547`)
* [CVE-2023-41074](CVE-2023/CVE-2023-410xx/CVE-2023-41074.json) (`2023-09-28T15:15:11.770`)
* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2023-09-28T15:15:12.180`)
* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-28T15:15:12.750`)
* [CVE-2023-40452](CVE-2023/CVE-2023-404xx/CVE-2023-40452.json) (`2023-09-28T15:21:42.617`)
* [CVE-2023-36851](CVE-2023/CVE-2023-368xx/CVE-2023-36851.json) (`2023-09-28T15:34:11.443`)
* [CVE-2023-41968](CVE-2023/CVE-2023-419xx/CVE-2023-41968.json) (`2023-09-28T15:35:22.463`)
* [CVE-2023-41979](CVE-2023/CVE-2023-419xx/CVE-2023-41979.json) (`2023-09-28T15:36:09.860`)
* [CVE-2023-41980](CVE-2023/CVE-2023-419xx/CVE-2023-41980.json) (`2023-09-28T15:40:48.690`)
* [CVE-2023-41981](CVE-2023/CVE-2023-419xx/CVE-2023-41981.json) (`2023-09-28T15:41:34.647`)
* [CVE-2023-41984](CVE-2023/CVE-2023-419xx/CVE-2023-41984.json) (`2023-09-28T15:42:04.943`)
* [CVE-2023-41986](CVE-2023/CVE-2023-419xx/CVE-2023-41986.json) (`2023-09-28T15:42:29.787`)
* [CVE-2023-41995](CVE-2023/CVE-2023-419xx/CVE-2023-41995.json) (`2023-09-28T15:42:57.613`)
* [CVE-2023-41996](CVE-2023/CVE-2023-419xx/CVE-2023-41996.json) (`2023-09-28T15:43:17.947`)
* [CVE-2023-43828](CVE-2023/CVE-2023-438xx/CVE-2023-43828.json) (`2023-09-28T15:44:27.717`)
* [CVE-2023-43830](CVE-2023/CVE-2023-438xx/CVE-2023-43830.json) (`2023-09-28T15:44:36.313`)
* [CVE-2023-43856](CVE-2023/CVE-2023-438xx/CVE-2023-43856.json) (`2023-09-28T15:48:31.890`)
* [CVE-2023-44042](CVE-2023/CVE-2023-440xx/CVE-2023-44042.json) (`2023-09-28T15:48:44.617`)
* [CVE-2023-44043](CVE-2023/CVE-2023-440xx/CVE-2023-44043.json) (`2023-09-28T15:48:59.240`)
* [CVE-2023-44044](CVE-2023/CVE-2023-440xx/CVE-2023-44044.json) (`2023-09-28T15:49:19.117`)
* [CVE-2023-44205](CVE-2023/CVE-2023-442xx/CVE-2023-44205.json) (`2023-09-28T15:50:13.867`)
* [CVE-2023-40402](CVE-2023/CVE-2023-404xx/CVE-2023-40402.json) (`2023-09-28T15:54:40.410`)
* [CVE-2023-40407](CVE-2023/CVE-2023-404xx/CVE-2023-40407.json) (`2023-09-28T15:55:05.400`)
* [CVE-2023-41312](CVE-2023/CVE-2023-413xx/CVE-2023-41312.json) (`2023-09-28T15:55:47.057`)
* [CVE-2023-41311](CVE-2023/CVE-2023-413xx/CVE-2023-41311.json) (`2023-09-28T15:56:31.800`)
* [CVE-2023-40395](CVE-2023/CVE-2023-403xx/CVE-2023-40395.json) (`2023-09-28T17:34:04.817`)
* [CVE-2023-40399](CVE-2023/CVE-2023-403xx/CVE-2023-40399.json) (`2023-09-28T17:34:13.687`)
* [CVE-2023-40400](CVE-2023/CVE-2023-404xx/CVE-2023-40400.json) (`2023-09-28T17:34:55.413`)
* [CVE-2023-40403](CVE-2023/CVE-2023-404xx/CVE-2023-40403.json) (`2023-09-28T17:35:06.773`)
* [CVE-2023-40406](CVE-2023/CVE-2023-404xx/CVE-2023-40406.json) (`2023-09-28T17:35:13.743`)
* [CVE-2023-40410](CVE-2023/CVE-2023-404xx/CVE-2023-40410.json) (`2023-09-28T17:36:35.503`)
* [CVE-2023-40412](CVE-2023/CVE-2023-404xx/CVE-2023-40412.json) (`2023-09-28T17:36:43.513`)
* [CVE-2023-40417](CVE-2023/CVE-2023-404xx/CVE-2023-40417.json) (`2023-09-28T17:36:53.980`)
* [CVE-2023-40418](CVE-2023/CVE-2023-404xx/CVE-2023-40418.json) (`2023-09-28T17:38:02.403`)
* [CVE-2023-40419](CVE-2023/CVE-2023-404xx/CVE-2023-40419.json) (`2023-09-28T17:38:11.293`)
* [CVE-2023-40420](CVE-2023/CVE-2023-404xx/CVE-2023-40420.json) (`2023-09-28T17:38:19.547`)
* [CVE-2023-40422](CVE-2023/CVE-2023-404xx/CVE-2023-40422.json) (`2023-09-28T17:38:25.017`)
* [CVE-2023-40424](CVE-2023/CVE-2023-404xx/CVE-2023-40424.json) (`2023-09-28T17:38:30.720`)
* [CVE-2023-41904](CVE-2023/CVE-2023-419xx/CVE-2023-41904.json) (`2023-09-28T17:41:39.123`)
* [CVE-2023-3223](CVE-2023/CVE-2023-32xx/CVE-2023-3223.json) (`2023-09-28T17:43:18.923`)
* [CVE-2023-40520](CVE-2023/CVE-2023-405xx/CVE-2023-40520.json) (`2023-09-28T17:43:32.067`)
* [CVE-2023-43187](CVE-2023/CVE-2023-431xx/CVE-2023-43187.json) (`2023-09-28T17:43:53.387`)
* [CVE-2023-41242](CVE-2023/CVE-2023-412xx/CVE-2023-41242.json) (`2023-09-28T17:44:54.230`)
* [CVE-2023-41232](CVE-2023/CVE-2023-412xx/CVE-2023-41232.json) (`2023-09-28T17:47:02.787`)
* [CVE-2023-41860](CVE-2023/CVE-2023-418xx/CVE-2023-41860.json) (`2023-09-28T17:48:04.947`)
* [CVE-2023-41861](CVE-2023/CVE-2023-418xx/CVE-2023-41861.json) (`2023-09-28T17:49:32.943`)
* [CVE-2023-42486](CVE-2023/CVE-2023-424xx/CVE-2023-42486.json) (`2023-09-28T17:50:46.877`)
* [CVE-2023-44206](CVE-2023/CVE-2023-442xx/CVE-2023-44206.json) (`2023-09-28T17:51:42.847`)
* [CVE-2023-30630](CVE-2023/CVE-2023-306xx/CVE-2023-30630.json) (`2023-09-28T17:54:17.707`)
* [CVE-2023-41450](CVE-2023/CVE-2023-414xx/CVE-2023-41450.json) (`2023-09-28T17:55:39.307`)
## Download and Usage