admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-09-25T02:00:17.794182+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-09-25 02:03:16 +00:00
parent 937ed24148
commit 27883e5348
149 changed files with 5746 additions and 296 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
CVE-2015/CVE-2015-69xx/CVE-2015-6964.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-6964",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T05:15:10.243",
"lastModified": "2023-09-26T18:26:06.317",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:05.677",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-697"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
}
],
"configurations": [

41
CVE-2021/CVE-2021-380xx/CVE-2021-38023.json
View File

@ -2,16 +2,43 @@
"id": "CVE-2021-38023",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-09-23T22:15:02.763",
"lastModified": "2024-09-23T22:15:02.763",
"lastModified": "2024-09-25T01:35:08.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Use after free in Extensions in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
},
{
"lang": "es",
"value": "Use after free en extensiones de Google Chrome anteriores a la versi\u00f3n 92.0.4515.107 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: Alta)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "chrome-cve-admin@google.com",
@ -22,6 +49,16 @@
"value": "CWE-416"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [

56
CVE-2021/CVE-2021-389xx/CVE-2021-38963.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2021-38963",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-25T01:15:26.607",
"lastModified": "2024-09-25T01:15:26.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7169765",
"source": "psirt@us.ibm.com"
}
]
}

6
CVE-2022/CVE-2022-20xx/CVE-2022-2081.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2081",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2024-01-04T10:15:10.927",
"lastModified": "2024-01-10T16:39:45.477",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:32.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -76,7 +76,7 @@
"description": [
{
"lang": "en",
"value": "CWE-120"
"value": "CWE-787"
}
]
}

13
CVE-2022/CVE-2022-25xx/CVE-2022-2502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2502",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2023-07-26T06:15:09.760",
"lastModified": "2023-08-03T19:26:16.343",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:32.513",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -72,7 +72,7 @@
"description": [
{
"lang": "en",
"value": "CWE-120"
"value": "CWE-20"
}
]
}
@ -123,11 +123,8 @@
],
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
]
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@hitachienergy.com"
}
]
}

56
CVE-2022/CVE-2022-438xx/CVE-2022-43845.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2022-43845",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-25T01:15:32.757",
"lastModified": "2024-09-25T01:15:32.757",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Aspera Console 3.4.0 through 3.4.4 could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. A remote attacker could exploit this vulnerability to obtain sensitive information from the cookie."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1004"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7169766",
"source": "psirt@us.ibm.com"
}
]
}

13
CVE-2022/CVE-2022-46xx/CVE-2022-4608.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4608",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2023-07-26T06:15:10.220",
"lastModified": "2023-08-03T14:51:55.703",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:33.067",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -72,7 +72,7 @@
"description": [
{
"lang": "en",
"value": "CWE-120"
"value": "CWE-787"
}
]
}
@ -123,11 +123,8 @@
],
"references": [
{
"url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
]
"url": "https://publisher.hitachienergy.com/preview?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@hitachienergy.com"
}
]
}

14
CVE-2022/CVE-2022-486xx/CVE-2022-48605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48605",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-25T13:15:10.590",
"lastModified": "2023-09-26T18:53:26.107",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:36.260",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,16 @@
"value": "CWE-20"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [

60
CVE-2023/CVE-2023-266xx/CVE-2023-26686.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-26686",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:33.760",
"lastModified": "2024-09-25T01:35:39.633",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the image upload feature when customizing a shop."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-26686%20-%20File%20Upload%20vulnerability%20in%20product%20image%20of%20CS-Cart%20MultiVendor%204.16.1",
"source": "cve@mitre.org"
},
{
"url": "https://www.cs-cart.com/multivendor.html",
"source": "cve@mitre.org"
}
]
}

56
CVE-2023/CVE-2023-266xx/CVE-2023-26687.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-26687",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:33.837",
"lastModified": "2024-09-25T01:35:40.363",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to obtain sensitive information via the product_data parameter in the PDF Add-on."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-26687%20-%20Local%20File%20Inclusion%20vulnerability%20in%20CS-Cart%20MultiVendor",
"source": "cve@mitre.org"
}
]
}

60
CVE-2023/CVE-2023-266xx/CVE-2023-26688.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-26688",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:33.887",
"lastModified": "2024-09-25T01:35:41.087",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via the product_data parameter of add/edit product in the administration interface."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-26688%20-%20Cross%20Site%20Scripting%20%28XSS%29%20vulnerability%20in%20CS-Cart%20MultiVendor%204.16.1",
"source": "cve@mitre.org"
},
{
"url": "https://www.cs-cart.com/multivendor.html",
"source": "cve@mitre.org"
}
]
}

56
CVE-2023/CVE-2023-266xx/CVE-2023-26689.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2023-26689",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:33.943",
"lastModified": "2024-09-25T01:35:41.817",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-286"
}
]
}
],
"references": [
{
"url": "https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-26689%20-%20Insufficient%20Authorization%20for%20API%20key%20creation%20in%20CS-Cart%20MultiVendor%204.16.1",
"source": "cve@mitre.org"
}
]
}

60
CVE-2023/CVE-2023-266xx/CVE-2023-26690.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-26690",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:33.997",
"lastModified": "2024-09-25T01:35:42.567",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via File Manager/Editor component in the vendor or admin menu."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-26690%20-%20%20File%20Upload%20vulnerability%20in%20File%20Manager%20of%20CS-Cart%20MultiVendor%204.16.1",
"source": "cve@mitre.org"
},
{
"url": "https://www.cs-cart.com/multivendor.html",
"source": "cve@mitre.org"
}
]
}

60
CVE-2023/CVE-2023-266xx/CVE-2023-26691.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2023-26691",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:34.057",
"lastModified": "2024-09-25T01:35:43.300",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory Traversal vulnerability in CS-Cart MultiVendor 4.16.1 allows remote attackers to run arbitrary code via crafted zip file when installing a new add-on."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/cybrops-io/CVEs/tree/main/CVE-2023-26691%20-%20Zip%20Slip%20in%20CS-Cart%20MultiVendor%204.16.1",
"source": "cve@mitre.org"
},
{
"url": "https://www.cs-cart.com/multivendor.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-26xx/CVE-2023-2687.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-2687",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-02T16:15:09.703",
"lastModified": "2023-06-09T17:45:05.567",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:34.223",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.\n"
"value": "Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap."
}
],
"metrics": {
@ -72,7 +72,7 @@
"description": [
{
"lang": "en",
"value": "CWE-131"
"value": "CWE-787"
}
]
}

14
CVE-2023/CVE-2023-317xx/CVE-2023-31716.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31716",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T00:15:09.757",
"lastModified": "2023-09-25T16:40:36.283",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:45.500",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-317xx/CVE-2023-31718.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31718",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T00:15:11.353",
"lastModified": "2023-09-25T16:43:50.833",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:46.280",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-98"
}
]
}
],
"configurations": [

8
CVE-2023/CVE-2023-370xx/CVE-2023-37068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37068",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-09T20:15:10.497",
"lastModified": "2023-08-15T19:30:45.440",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:35.460",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -72,6 +72,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/riteshs4hu/My-CVE/blob/main/CVE-2023-37068-Exploit.md",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-370xx/CVE-2023-37069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37069",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-10T13:15:10.373",
"lastModified": "2023-08-15T17:50:23.687",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:35.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -79,6 +79,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/riteshs4hu/My-CVE/blob/main/CVE-2023-37069-Exploit.md",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-370xx/CVE-2023-37070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37070",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-14T13:15:10.900",
"lastModified": "2023-08-18T20:16:06.100",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:35.687",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -87,6 +87,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/riteshs4hu/My-CVE/blob/main/CVE-2023-37070-Exploit.md",
"source": "cve@mitre.org"
}
]
}

14
CVE-2023/CVE-2023-383xx/CVE-2023-38344.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38344",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T21:15:10.877",
"lastModified": "2023-09-25T17:04:57.943",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:51.997",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-388xx/CVE-2023-38887.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38887",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T01:15:56.327",
"lastModified": "2023-09-22T01:48:21.710",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:53.460",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-434"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-390xx/CVE-2023-39052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39052",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T20:15:11.627",
"lastModified": "2023-09-22T23:03:03.047",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:54.207",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-396xx/CVE-2023-39640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39640",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T19:15:09.710",
"lastModified": "2023-09-26T19:31:58.313",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:55.757",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-404xx/CVE-2023-40436.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40436",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:15.910",
"lastModified": "2023-10-12T02:26:39.720",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:35:59.353",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-412xx/CVE-2023-41293.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41293",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-25T13:15:10.727",
"lastModified": "2023-09-25T17:10:42.680",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:02.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,16 @@
"value": "CWE-227"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-412xx/CVE-2023-41294.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41294",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-25T12:15:10.827",
"lastModified": "2023-09-25T17:59:10.743",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:03.287",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-413xx/CVE-2023-41301.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41301",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-25T13:15:11.250",
"lastModified": "2023-09-25T17:14:55.240",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:04.337",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-413xx/CVE-2023-41302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41302",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-25T13:15:11.323",
"lastModified": "2023-09-25T17:23:27.563",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:05.000",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,16 @@
"value": "CWE-22"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-413xx/CVE-2023-41308.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41308",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:28.740",
"lastModified": "2023-09-28T15:59:20.683",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:05.800",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [

12
CVE-2023/CVE-2023-419xx/CVE-2023-41984.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-41984",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:31.973",
"lastModified": "2023-11-07T04:21:11.400",
"lastModified": "2024-09-25T01:36:07.897",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-423xx/CVE-2023-42322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42322",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T21:15:11.913",
"lastModified": "2023-09-23T03:42:57.927",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:08.867",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-384"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-424xx/CVE-2023-42426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42426",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T21:15:15.640",
"lastModified": "2023-09-26T14:39:54.583",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:09.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-431xx/CVE-2023-43131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43131",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T15:15:10.567",
"lastModified": "2023-09-26T19:08:13.463",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:12.133",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-431xx/CVE-2023-43141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43141",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T16:15:14.587",
"lastModified": "2023-09-26T16:55:26.053",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:12.940",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-Other"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43202.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43202",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T14:15:14.340",
"lastModified": "2023-09-22T14:01:27.360",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:13.957",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43203.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43203",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T14:15:14.513",
"lastModified": "2023-09-22T14:01:17.030",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:14.680",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43204.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43204",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T14:15:14.643",
"lastModified": "2023-09-22T14:03:57.567",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:15.387",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43206",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T14:15:14.793",
"lastModified": "2023-09-22T14:03:46.960",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:16.110",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43207",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T14:15:14.963",
"lastModified": "2023-09-22T14:03:39.580",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:16.830",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-77"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-432xx/CVE-2023-43216.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43216",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:33.427",
"lastModified": "2023-09-27T16:25:34.437",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:17.537",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-432xx/CVE-2023-43222.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43222",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:33.477",
"lastModified": "2023-09-27T16:33:27.510",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:18.173",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-432xx/CVE-2023-43234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43234",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:33.767",
"lastModified": "2023-09-29T18:50:51.993",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:18.900",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43236",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T13:15:10.127",
"lastModified": "2023-09-22T02:19:03.217",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:19.577",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43237",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T13:15:10.253",
"lastModified": "2023-09-22T02:19:09.227",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:20.550",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43238",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T13:15:10.353",
"lastModified": "2023-09-22T02:19:15.737",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:21.300",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43239.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43239",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T13:15:10.470",
"lastModified": "2023-09-22T02:19:27.603",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:22.023",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43242.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43242",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T13:15:10.797",
"lastModified": "2023-09-22T02:20:01.783",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:22.743",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-432xx/CVE-2023-43274.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43274",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T14:15:10.003",
"lastModified": "2023-09-22T02:15:02.017",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:23.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-433xx/CVE-2023-43323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43323",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T20:15:11.107",
"lastModified": "2023-09-29T19:14:51.303",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:24.583",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-15"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-433xx/CVE-2023-43371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43371",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:11.953",
"lastModified": "2023-09-21T13:23:28.350",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:25.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-433xx/CVE-2023-43373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43373",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.157",
"lastModified": "2023-09-21T20:02:17.167",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:26.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-433xx/CVE-2023-43374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43374",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.350",
"lastModified": "2023-09-21T20:03:01.670",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:26.967",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-433xx/CVE-2023-43375.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43375",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.413",
"lastModified": "2023-09-21T18:41:49.407",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:27.670",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-433xx/CVE-2023-43376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43376",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.487",
"lastModified": "2023-09-28T18:44:02.520",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:28.383",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-433xx/CVE-2023-43377.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43377",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.723",
"lastModified": "2023-09-21T18:35:37.720",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:29.090",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-434xx/CVE-2023-43457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43457",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T21:15:16.457",
"lastModified": "2023-09-26T17:03:01.700",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:30.050",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-434xx/CVE-2023-43458.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43458",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T20:15:11.557",
"lastModified": "2023-09-26T15:47:14.577",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:30.710",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-434xx/CVE-2023-43498.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43498",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-09-20T17:15:11.927",
"lastModified": "2023-09-23T03:45:03.873",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:32.130",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-377"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-436xx/CVE-2023-43617.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43617",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T06:15:10.617",
"lastModified": "2023-09-28T18:56:25.610",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:33.277",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-436xx/CVE-2023-43619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43619",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T06:15:10.773",
"lastModified": "2023-09-22T02:05:56.723",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:33.950",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-437xx/CVE-2023-43761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43761",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.457",
"lastModified": "2023-09-26T14:51:14.143",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:35.440",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-835"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [

4
CVE-2023/CVE-2023-43xx/CVE-2023-4327.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4327",
"sourceIdentifier": "cret@cert.org",
"published": "2023-08-15T19:15:11.010",
"lastModified": "2024-09-05T22:15:03.240",
"lastModified": "2024-09-25T01:15:39.057",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,7 +56,7 @@
"description": [
{
"lang": "en",
"value": "CWE-327"
"value": "CWE-522"
}
]
}

4
CVE-2023/CVE-2023-43xx/CVE-2023-4328.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4328",
"sourceIdentifier": "cret@cert.org",
"published": "2023-08-15T19:15:11.060",
"lastModified": "2024-09-05T22:15:03.413",
"lastModified": "2024-09-25T01:15:39.207",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -56,7 +56,7 @@
"description": [
{
"lang": "en",
"value": "CWE-321"
"value": "CWE-522"
}
]
}

12
CVE-2023/CVE-2023-43xx/CVE-2023-4333.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4333",
"sourceIdentifier": "cret@cert.org",
"published": "2023-08-15T19:15:11.347",
"lastModified": "2023-09-08T16:15:07.743",
"lastModified": "2024-09-25T01:15:39.313",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cret@cert.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44013.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44013",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:34.877",
"lastModified": "2023-09-27T18:45:57.737",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:36.947",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44014",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:34.933",
"lastModified": "2023-09-27T18:45:53.000",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:37.660",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44015.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44015",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:34.983",
"lastModified": "2023-09-27T18:45:44.000",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:38.380",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44016",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:35.040",
"lastModified": "2023-09-27T18:45:36.290",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:39.083",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44017",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:35.097",
"lastModified": "2023-09-27T18:45:25.770",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:39.810",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44018.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44018",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:35.150",
"lastModified": "2023-09-27T18:45:19.397",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:40.517",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-440xx/CVE-2023-44019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44019",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:35.207",
"lastModified": "2023-09-27T18:45:08.397",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:41.233",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-119"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-440xx/CVE-2023-44080.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44080",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T22:15:11.783",
"lastModified": "2023-10-02T20:30:36.210",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:42.567",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-441xx/CVE-2023-44169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44169",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:38.503",
"lastModified": "2023-09-27T16:34:34.990",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:43.233",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-441xx/CVE-2023-44170.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44170",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:38.573",
"lastModified": "2023-09-27T16:36:29.710",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:43.900",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-441xx/CVE-2023-44171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44171",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:38.657",
"lastModified": "2023-09-27T16:43:19.023",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:44.533",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-441xx/CVE-2023-44172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44172",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:38.860",
"lastModified": "2023-09-27T16:46:00.713",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:45.183",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -49,6 +49,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [

34
CVE-2023/CVE-2023-45xx/CVE-2023-4565.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4565",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-09-27T15:19:40.933",
"lastModified": "2023-09-29T19:48:19.453",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:46.390",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-732"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [

64
CVE-2023/CVE-2023-53xx/CVE-2023-5359.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2023-5359",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-09-25T01:15:39.730",
"lastModified": "2024-09-25T01:15:39.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The W3 Total Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.7.5 via Google OAuth API secrets stored in plaintext in the publicly visible plugin source. This can allow unauthenticated attackers to impersonate W3 Total Cache and gain access to user account information in successful conditions. This would not impact the WordPress users site in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/w3-total-cache/trunk/PageSpeed_Api.php#L39",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3156426/w3-total-cache/tags/2.7.6/PageSpeed_Api.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2d89a534-978e-4fd8-be3a-5137bdc22dc9?source=cve",
"source": "security@wordfence.com"
}
]
}

14
CVE-2023/CVE-2023-63xx/CVE-2023-6315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6315",
"sourceIdentifier": "product-security@gg.jp.panasonic.com",
"published": "2023-12-19T01:15:12.310",
"lastModified": "2024-01-02T13:43:51.817",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:36:48.463",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -69,6 +69,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

14
CVE-2023/CVE-2023-70xx/CVE-2023-7003.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-7003",
"sourceIdentifier": "cret@cert.org",
"published": "2024-03-15T17:15:07.630",
"lastModified": "2024-08-22T00:35:00.557",
"lastModified": "2024-09-25T01:15:39.957",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -39,6 +39,18 @@
}
]
},
"weaknesses": [
{
"source": "cret@cert.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-323"
}
]
}
],
"references": [
{
"url": "https://alephsecurity.com/2024/03/07/kontrol-lux-lock-2/",

43
CVE-2023/CVE-2023-72xx/CVE-2023-7281.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-7281",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-09-23T22:15:03.027",
"lastModified": "2024-09-23T22:15:03.027",
"lastModified": "2024-09-25T01:36:49.143",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Compositing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)"
},
{
"lang": "es",
"value": "Una implementaci\u00f3n inadecuada en la composici\u00f3n de Google Chrome anterior a la versi\u00f3n 119.0.6045.105 permiti\u00f3 que un atacante remoto suplantara la interfaz de usuario a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: media)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://issues.chromium.org/issues/40055233",

43
CVE-2023/CVE-2023-72xx/CVE-2023-7282.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2023-7282",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2024-09-23T22:15:03.083",
"lastModified": "2024-09-23T22:15:03.083",
"lastModified": "2024-09-25T01:36:49.867",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)"
},
{
"lang": "es",
"value": "Una implementaci\u00f3n inadecuada en la navegaci\u00f3n en Google Chrome anterior a la versi\u00f3n 113.0.5672.63 permiti\u00f3 que un atacante remoto convenciera a un usuario para que realizara gestos espec\u00edficos de la interfaz de usuario para realizar una suplantaci\u00f3n de dominio a trav\u00e9s de una p\u00e1gina HTML manipulada. (Gravedad de seguridad de Chromium: baja)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-451"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://issues.chromium.org/issues/40056040",

6
CVE-2024/CVE-2024-200xx/CVE-2024-20017.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-20017",
"sourceIdentifier": "security@mediatek.com",
"published": "2024-03-04T03:15:06.970",
"lastModified": "2024-08-26T21:35:05.050",
"lastModified": "2024-09-25T01:36:50.810",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -44,6 +44,10 @@
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-787"

70
CVE-2024/CVE-2024-215xx/CVE-2024-21545.json Normal file
View File

@ -0,0 +1,70 @@
{
"id": "CVE-2024-21545",
"sourceIdentifier": "report@snyk.io",
"published": "2024-09-25T01:15:40.180",
"lastModified": "2024-09-25T01:36:51.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Proxmox Virtual Environment is an open-source server management platform for enterprise virtualization. Insufficient safeguards against malicious API response values allow authenticated attackers with 'Sys.Audit' or 'VM.Monitor' privileges to download arbitrary host files via the API.\nWhen handling the result from a request handler before returning it to the user, the handle_api2_request function will check for the \u2018download\u2019 or \u2018data\u2019->\u2019download\u2019 objects inside the request handler call response object. If present, handle_api2_request will read a local file defined by this object and return it to the user.\nTwo endpoints were identified which can control the object returned by a request handler sufficiently that the \u2019download\u2019 object is defined and user controlled. This results in arbitrary file read.\nThe privileges of this file read can result in full compromise of the system by various impacts such as disclosing sensitive files allowing for privileged session forgery."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "report@snyk.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "report@snyk.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://forum.proxmox.com/threads/proxmox-virtual-environment-security-advisories.149331/post-705345",
"source": "report@snyk.io"
},
{
"url": "https://git.proxmox.com/?p=pve-http-server.git;a=blob;f=src/PVE/APIServer/AnyEvent.pm;h=a8d60c18102d2eea9235720852fb60d90f405d0a;hb=HEAD#l988",
"source": "report@snyk.io"
}
]
}

6
CVE-2024/CVE-2024-34xx/CVE-2024-3446.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3446",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-04-09T20:15:10.450",
"lastModified": "2024-04-18T08:15:38.340",
"lastModified": "2024-09-25T01:15:40.827",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -52,6 +52,10 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2024:6964",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3446",
"source": "secalert@redhat.com"

6
CVE-2024/CVE-2024-37xx/CVE-2024-3727.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-3727",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-05-14T15:42:07.060",
"lastModified": "2024-09-16T22:15:20.370",
"lastModified": "2024-09-25T01:15:41.470",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
@ -88,6 +88,10 @@
"url": "https://access.redhat.com/errata/RHSA-2024:6708",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:6824",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-3727",
"source": "secalert@redhat.com"

56
CVE-2024/CVE-2024-383xx/CVE-2024-38324.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-38324",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-09-25T01:15:40.493",
"lastModified": "2024-09-25T01:15:40.493",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Storage Defender 2.0.0 through 2.0.7 on-prem defender-sensor-cmd CLI does not validate server name during registration and unregistration operations which could expose sensitive information to an attacker with access to the system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-297"
}
]
}
],
"references": [
{
"url": "https://www.ibm.com/support/pages/node/7168640",
"source": "psirt@us.ibm.com"
}
]
}

66
CVE-2024/CVE-2024-399xx/CVE-2024-39928.json Normal file
View File

@ -0,0 +1,66 @@
{
"id": "CVE-2024-39928",
"sourceIdentifier": "security@apache.org",
"published": "2024-09-25T01:15:40.693",
"lastModified": "2024-09-25T01:36:52.690",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Apache Linkis <= 1.5.0, a Random string security vulnerability in Spark EngineConn,\u00a0random string generated by the Token when starting Py4j uses the Commons Lang's RandomStringUtils.\nUsers are recommended to upgrade to version 1.6.0, which fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-326"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/g664n13nb17rsogcfrn8kjgd8m89p8nw",
"source": "security@apache.org"
}
]
}

43
CVE-2024/CVE-2024-404xx/CVE-2024-40441.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-40441",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-23T17:15:13.580",
"lastModified": "2024-09-23T17:15:13.580",
"lastModified": "2024-09-25T01:36:53.897",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via the model_attribs parameter."
},
{
"lang": "es",
"value": "Un problema en Doccano Open source annotation tools for machine learning practitioners v.1.8.4 y Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 permite que un atacante remoto escale privilegios a trav\u00e9s del par\u00e1metro model_attribs."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/doccano/auto-labeling-pipeline/releases/tag/v0.1.23",

43
CVE-2024/CVE-2024-404xx/CVE-2024-40442.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2024-40442",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-23T17:15:13.700",
"lastModified": "2024-09-23T17:15:13.700",
"lastModified": "2024-09-25T01:36:54.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in Doccano Open source annotation tools for machine learning practitioners v.1.8.4 and Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 allows a remote attacker to escalate privileges via a crafted REST Request."
},
{
"lang": "es",
"value": "Un problema en Doccano Open source annotation tools for machine learning practitioners v.1.8.4 y Doccano Auto Labeling Pipeline module to annotate a document automatically v.0.1.23 permite que un atacante remoto escale privilegios a trav\u00e9s de una solicitud REST manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/doccano/auto-labeling-pipeline/releases/tag/v0.1.23",

100
CVE-2024/CVE-2024-417xx/CVE-2024-41725.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-41725",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-25T01:15:41.833",
"lastModified": "2024-09-25T01:15:41.833",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input \nfields that are used to render pages which may allow cross site \nscripting."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04",
"source": "ics-cert@hq.dhs.gov"
}
]
}

8
CVE-2024/CVE-2024-422xx/CVE-2024-42259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-42259",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-08-14T15:15:31.673",
"lastModified": "2024-09-12T16:00:55.537",
"vulnStatus": "Analyzed",
"lastModified": "2024-09-25T01:15:42.137",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
@ -168,6 +168,10 @@
"tags": [
"Patch"
]
},
{
"url": "https://project-zero.issues.chromium.org/issues/42451707",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
]
}

56
CVE-2024/CVE-2024-425xx/CVE-2024-42505.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42505",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-09-25T01:15:42.273",
"lastModified": "2024-09-25T01:36:55.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}

56
CVE-2024/CVE-2024-425xx/CVE-2024-42506.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42506",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-09-25T01:15:42.477",
"lastModified": "2024-09-25T01:36:56.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}

56
CVE-2024/CVE-2024-425xx/CVE-2024-42507.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42507",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2024-09-25T01:15:42.643",
"lastModified": "2024-09-25T01:36:56.783",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US",
"source": "security-alert@hpe.com"
}
]
}

56
CVE-2024/CVE-2024-427xx/CVE-2024-42797.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2024-42797",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-25T01:15:42.830",
"lastModified": "2024-09-25T01:36:57.453",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Incorrect Access Control vulnerability was found in /music/ajax.php?action=delete_playlist in Kashipara Music Management System v1.0. This vulnerability allows an unauthenticated attacker to delete the valid music playlist entries."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Music%20Management%20System%20v1.0/Broken%20Access%20Control%20-%20Delete%20Playlist.pdf",
"source": "cve@mitre.org"
}
]
}

100
CVE-2024/CVE-2024-434xx/CVE-2024-43423.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-43423",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-25T01:15:42.893",
"lastModified": "2024-09-25T01:15:42.893",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The web application for ProGauge MAGLINK LX4 CONSOLE contains an \nadministrative-level user account with a password that cannot be \nchanged."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-259"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04",
"source": "ics-cert@hq.dhs.gov"
}
]
}

100
CVE-2024/CVE-2024-436xx/CVE-2024-43692.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-43692",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-25T01:15:43.110",
"lastModified": "2024-09-25T01:15:43.110",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An attacker can directly request the ProGauge MAGLINK LX CONSOLE \nresource sub page with full privileges by requesting the URL directly."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-288"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04",
"source": "ics-cert@hq.dhs.gov"
}
]
}

100
CVE-2024/CVE-2024-436xx/CVE-2024-43693.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2024-43693",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-09-25T01:15:43.370",
"lastModified": "2024-09-25T01:15:43.370",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE \nUTILITY sub-menu can allow a remote attacker to inject arbitrary \ncommands."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "HIGH",
"subsequentSystemIntegrity": "HIGH",
"subsequentSystemAvailability": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
}
}
],
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-268-04",
"source": "ics-cert@hq.dhs.gov"
}
]
}

Some files were not shown because too many files have changed in this diff Show More