diff --git a/CVE-2023/CVE-2023-14xx/CVE-2023-1428.json b/CVE-2023/CVE-2023-14xx/CVE-2023-1428.json index 9a391321aa5..a9cd65aa85d 100644 --- a/CVE-2023/CVE-2023-14xx/CVE-2023-1428.json +++ b/CVE-2023/CVE-2023-14xx/CVE-2023-1428.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1428", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-06-09T11:15:09.200", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:17:53.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-617" + } + ] + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.51.0", + "versionEndExcluding": "1.53.0", + "matchCriteriaId": "120AAF30-BEE7-4F95-A296-A233F20B54A5" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/grpc/grpc/commit/2485fa94bd8a723e5c977d55a3ce10b301b437f8", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1917.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1917.json index bac5711874c..5a8748faa9c 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1917.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1917.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1917", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:15:59.717", - "lastModified": "2023-06-09T13:03:33.953", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:11:37.083", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,22 +66,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blubrry:powerpress:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "10.0", + "matchCriteriaId": "A21FE8D3-0C2F-4DDC-92A1-B2BFC39A0C8C" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/powerpress/trunk/powerpress-player.php#L102", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2896729/powerpress", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2899207/powerpress", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/44583cb7-bc32-4e62-8431-f5f1f6baeff2?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2080.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2080.json new file mode 100644 index 00000000000..84785fd3b51 --- /dev/null +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2080.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2080", + "sourceIdentifier": "psirt@forcepoint.com", + "published": "2023-06-15T23:15:09.020", + "lastModified": "2023-06-15T23:15:09.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Forcepoint Cloud Security Gateway (CSG) Portal on Web Cloud Security Gateway, Email Security Cloud allows Blind SQL Injection." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@forcepoint.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@forcepoint.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://support.forcepoint.com/s/article/000041871", + "source": "psirt@forcepoint.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2159.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2159.json index 04a8da7e9b3..f1a74b31322 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2159.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2159.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2159", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:04.290", - "lastModified": "2023-06-09T13:03:33.953", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:12:20.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:niteothemes:cmp:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.1.8", + "matchCriteriaId": "01BA6FE9-77F7-475D-88F9-2D94F4C8A3B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/cmp-coming-soon-maintenance/tags/4.1.6/niteo-cmp.php#L808", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2900571/cmp-coming-soon-maintenance/tags/4.1.8/cmp-advanced.php?old=2873620&old_path=cmp-coming-soon-maintenance%2Ftags%2F4.1.7%2Fcmp-advanced.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/af955f69-b18c-446e-b05e-6a57a5f16dfa?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2184.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2184.json index 1959937dd1e..223fc2185b6 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2184.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2184.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2184", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:04.503", - "lastModified": "2023-06-09T13:03:29.543", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:12:32.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:i13websolution:wp_responsive_tabs:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.16", + "matchCriteriaId": "E8F4F927-0A0A-4DC9-B88B-5C63BA02F96A" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2825016%40responsive-horizontal-vertical-and-accordion-tabs%2Ftags%2F1.1.15&new=2900990%40responsive-horizontal-vertical-and-accordion-tabs%2Ftags%2F1.1.16", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/fe54c37f-1421-48aa-b502-045847d13ae3?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2189.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2189.json index 5f5354cf592..e9ca7f7639d 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2189.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2189.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2189", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:04.750", - "lastModified": "2023-06-09T13:03:29.543", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:12:53.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,16 +64,50 @@ "value": "CWE-862" } ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:staxwp:stax:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.4.3", + "matchCriteriaId": "970425F6-58D9-4FB9-8EE9-5DAF827E475E" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/stax-addons-for-elementor/trunk/core/admin/pages/Widgets.php#L31", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/926550bb-265d-4811-a375-10c47e9fb4d6?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23841.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23841.json new file mode 100644 index 00000000000..0433c4e0fcf --- /dev/null +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23841.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-23841", + "sourceIdentifier": "psirt@solarwinds.com", + "published": "2023-06-15T22:15:09.227", + "lastModified": "2023-06-15T22:15:09.227", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "psirt@solarwinds.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "references": [ + { + "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23841", + "source": "psirt@solarwinds.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2556.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2556.json index 2fe80b247ac..af2f31a5692 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2556.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2556.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2556", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:08.960", - "lastModified": "2023-06-09T13:03:29.543", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:13:12.523", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +66,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pluginus:wordpress_currency_switcher:*:*:*:*:professional:wordpress:*:*", + "versionEndExcluding": "1.2.0", + "matchCriteriaId": "4C254C7B-AD88-4854-86D8-7BEDB4F325F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/2911049/currency-switcher", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch", + "Release Notes" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc44c95e-9ca0-46d0-8315-72612ef3f855?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2584.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2584.json index 7be134ac2f5..29d772139b8 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2584.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2584.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2584", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:09.897", - "lastModified": "2023-06-09T13:03:29.543", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:14:29.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +66,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pixelyoursite:pixelyoursite:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "9.3.6", + "matchCriteriaId": "8CAF1889-837A-4ED5-B93A-A2BEE9C8C736" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pixelyoursite:pixelyoursite_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "9.6.1", + "matchCriteriaId": "9E77AFE4-0078-45AC-AF55-AF9CE794E699" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/pixelyoursite/trunk/modules/head_footer/head_footer.php?rev=2773949#L73", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2912301%40pixelyoursite%2Ftrunk&old=2897911%40pixelyoursite%2Ftrunk&sfp_email=&sfph_mail=#file2", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ebf1e83-50b8-4f56-ba76-10100375edda?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2599.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2599.json index f3b38041d67..7b5225265d0 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2599.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2599.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2599", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:10.247", - "lastModified": "2023-06-09T13:03:29.543", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:15:07.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:miniorange:active_directory_integration_\\/_ldap_integration:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.1.4", + "matchCriteriaId": "1091C145-C140-4D4F-8889-B3DBBE1A4E18" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/ldap-login-for-intranet-sites/trunk/class-mo-ldap-user-auth-reports.php?rev=2859403#L64", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910898%40ldap-login-for-intranet-sites%2Ftrunk&old=2903294%40ldap-login-for-intranet-sites%2Ftrunk&sfp_email=&sfph_mail=#file5", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/74089b16-76fa-4654-9007-3f0c2e894894?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2604.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2604.json index bdfda3f4c0d..6a7985f3bec 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2604.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2604.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2604", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:10.567", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:15:19.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:i13websolution:team_circle_image_slider_with_lightbox:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.17", + "matchCriteriaId": "EACC8A3F-1841-4414-B4B8-1B61E3905F85" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fcircle-image-slider-with-lightbox%2Ftags%2F1.0.17&old=2910236&new_path=%2Fcircle-image-slider-with-lightbox%2Ftags%2F1.0.18&new=2910236&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2627ac2b-25a8-480d-ac83-ee0ca323b3a1?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2607.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2607.json index 88b59d3f56c..92009229ff7 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2607.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2607.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2607", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:10.967", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:15:33.480", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themeisle:multiple_page_generator:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.3.17", + "matchCriteriaId": "375ADF18-D10F-4D34-B7AF-F11AA2A96C1E" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/multiple-pages-generator-by-porthas/trunk/controllers/ProjectsListManage.php#L40", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2910686%40multiple-pages-generator-by-porthas%2Ftrunk&old=2905353%40multiple-pages-generator-by-porthas%2Ftrunk&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1575f0ad-0a77-4047-844c-48db4c8b4e91?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2688.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2688.json index 8cceec666c1..9fb7eac46da 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2688.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2688.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2688", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:11.217", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:15:47.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,14 +66,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:iptanus:wordpress_file_upload:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.19.1", + "matchCriteriaId": "6E0A23CE-ED96-426F-8021-DBEBB5170154" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:iptanus:wordpress_file_upload_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.19.1", + "matchCriteriaId": "89EA2AD6-7C0E-4FD4-8A24-D9A80A14EB69" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abd6eeac-0a7e-4762-809f-593cd85f303d?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2764.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2764.json index ed0a03b1019..4402d8515cb 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2764.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2764.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2764", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:11.573", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:16:07.900", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -46,18 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nsqua:draw_attention:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.11", + "matchCriteriaId": "D334F76F-4FC0-493A-9447-D978505915F4" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/draw-attention/trunk/public/includes/lib/drag-drop-featured-image/index.php#L500", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2917528/", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/18530601-a294-448c-a1b2-c3995f9042ac?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2767.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2767.json index a6bb28b3aea..4cf4949864c 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2767.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2767.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2767", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T06:16:11.867", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:16:25.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,16 +64,56 @@ "value": "CWE-79" } ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:iptanus:wordpress_file_upload:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.19.1", + "matchCriteriaId": "6E0A23CE-ED96-426F-8021-DBEBB5170154" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:iptanus:wordpress_file_upload_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.19.1", + "matchCriteriaId": "89EA2AD6-7C0E-4FD4-8A24-D9A80A14EB69" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2915978%40wp-file-upload%2Ftrunk&old=2909107%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail=#file2", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/23334d94-e5b8-4c88-8765-02ad19e17248?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28810.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28810.json new file mode 100644 index 00000000000..84e69121f34 --- /dev/null +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28810.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-28810", + "sourceIdentifier": "hsrc@hikvision.com", + "published": "2023-06-15T22:15:09.307", + "lastModified": "2023-06-15T22:15:09.307", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Some access control/intercom products have unauthorized modification of device network configuration vulnerabilities. Attackers can modify device network configuration by sending specific data packets to the vulnerable interface within the same local network." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "hsrc@hikvision.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "hsrc@hikvision.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-access-control-intercom/", + "source": "hsrc@hikvision.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2897.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2897.json index 89d095c48f5..42617aaf320 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2897.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2897.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2897", "sourceIdentifier": "security@wordfence.com", "published": "2023-06-09T07:15:10.423", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:17:19.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security@wordfence.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:brizy:brizy:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.4.18", + "matchCriteriaId": "308F44A9-7B85-4B30-BF68-72D8180795E5" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/2919443/brizy", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae342dd9-2f5f-4356-8fb4-9a3e5f4f8316?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3176.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3176.json index ea438e09096..03c5d3ba114 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3176.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3176.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3176", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-09T06:16:12.497", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:16:40.580", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lost_and_found_information_system_project:lost_and_found_information_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E7B84257-5F4C-48D4-8097-A6FA541667BE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#7sql-injection-vulnerability-in-adminusermanage_userphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231150", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.231150", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3177.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3177.json index a7ae32db40c..199463a66ce 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3177.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3177.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3177", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-09T06:16:12.870", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:17:35.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lost_and_found_information_system_project:lost_and_found_information_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E7B84257-5F4C-48D4-8097-A6FA541667BE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/AnotherN/cvv/blob/main/imgs/Lost%20and%20Found%20Information%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-admininquiriesview_inquiryphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231151", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.231151", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32731.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32731.json index 3bcf5b7c1f7..0745002bad4 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32731.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32731.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32731", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-06-09T11:15:09.303", - "lastModified": "2023-06-13T16:15:12.917", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:18:49.193", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -46,14 +76,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.53.0", + "versionEndExcluding": "1.55.0", + "matchCriteriaId": "1FD89F7C-C259-4213-A259-70C505491F50" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/grpc/grpc/pull/32309", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/grpc/grpc/pull/33005", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32732.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32732.json index 744324101b9..05b8fbdf0cf 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32732.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32732.json @@ -2,16 +2,40 @@ "id": "CVE-2023-32732", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-06-09T11:15:09.377", - "lastModified": "2023-06-09T13:03:24.613", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-15T22:14:04.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in\u00a0 https://github.com/grpc/grpc/pull/32309 https://www.google.com/url \n" + }, + { + "lang": "es", + "value": "gRPC contiene una vulnerabilidad por la que un cliente puede provocar la finalizaci\u00f3n de la conexi\u00f3n entre un proxy HTTP2 y un servidor gRPC. Un error de codificaci\u00f3n en base64 para cabeceras con sufijo \"-bin\" provocar\u00e1 la desconexi\u00f3n por parte del servidor gRPC, pero suele estar permitido por los proxies HTTP2. Se recomienda actualizar m\u00e1s all\u00e1 del commit \"https://github.com/grpc/grpc/pull/32309\"." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -46,10 +80,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:grpc:grpc:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.53.0", + "matchCriteriaId": "97BFBCEF-3DA4-4DD4-881F-5F3940614E30" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/grpc/grpc/pull/32309", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 1f57af2235c..2146e2ef860 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-15T22:00:27.414653+00:00 +2023-06-15T23:55:34.375547+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-15T21:15:09.677000+00:00 +2023-06-15T23:15:09.020000+00:00 ``` ### Last Data Feed Release @@ -29,55 +29,40 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -217886 +217889 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `3` -* [CVE-2023-2683](CVE-2023/CVE-2023-26xx/CVE-2023-2683.json) (`2023-06-15T20:15:09.260`) -* [CVE-2023-2747](CVE-2023/CVE-2023-27xx/CVE-2023-2747.json) (`2023-06-15T20:15:09.323`) -* [CVE-2023-31672](CVE-2023/CVE-2023-316xx/CVE-2023-31672.json) (`2023-06-15T20:15:09.387`) -* [CVE-2023-33243](CVE-2023/CVE-2023-332xx/CVE-2023-33243.json) (`2023-06-15T20:15:09.427`) -* [CVE-2023-34242](CVE-2023/CVE-2023-342xx/CVE-2023-34242.json) (`2023-06-15T20:15:09.473`) -* [CVE-2023-34852](CVE-2023/CVE-2023-348xx/CVE-2023-34852.json) (`2023-06-15T20:15:09.543`) -* [CVE-2023-24030](CVE-2023/CVE-2023-240xx/CVE-2023-24030.json) (`2023-06-15T21:15:09.510`) -* [CVE-2023-24031](CVE-2023/CVE-2023-240xx/CVE-2023-24031.json) (`2023-06-15T21:15:09.550`) -* [CVE-2023-24032](CVE-2023/CVE-2023-240xx/CVE-2023-24032.json) (`2023-06-15T21:15:09.593`) -* [CVE-2023-34797](CVE-2023/CVE-2023-347xx/CVE-2023-34797.json) (`2023-06-15T21:15:09.637`) -* [CVE-2023-34800](CVE-2023/CVE-2023-348xx/CVE-2023-34800.json) (`2023-06-15T21:15:09.677`) +* [CVE-2023-23841](CVE-2023/CVE-2023-238xx/CVE-2023-23841.json) (`2023-06-15T22:15:09.227`) +* [CVE-2023-28810](CVE-2023/CVE-2023-288xx/CVE-2023-28810.json) (`2023-06-15T22:15:09.307`) +* [CVE-2023-2080](CVE-2023/CVE-2023-20xx/CVE-2023-2080.json) (`2023-06-15T23:15:09.020`) ### CVEs modified in the last Commit -Recently modified CVEs: `59` +Recently modified CVEs: `18` -* [CVE-2023-21142](CVE-2023/CVE-2023-211xx/CVE-2023-21142.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-21143](CVE-2023/CVE-2023-211xx/CVE-2023-21143.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-21144](CVE-2023/CVE-2023-211xx/CVE-2023-21144.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-21618](CVE-2023/CVE-2023-216xx/CVE-2023-21618.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-22248](CVE-2023/CVE-2023-222xx/CVE-2023-22248.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-28809](CVE-2023/CVE-2023-288xx/CVE-2023-28809.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29287](CVE-2023/CVE-2023-292xx/CVE-2023-29287.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29288](CVE-2023/CVE-2023-292xx/CVE-2023-29288.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29289](CVE-2023/CVE-2023-292xx/CVE-2023-29289.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29290](CVE-2023/CVE-2023-292xx/CVE-2023-29290.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29291](CVE-2023/CVE-2023-292xx/CVE-2023-29291.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29292](CVE-2023/CVE-2023-292xx/CVE-2023-29292.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29293](CVE-2023/CVE-2023-292xx/CVE-2023-29293.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29294](CVE-2023/CVE-2023-292xx/CVE-2023-29294.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29295](CVE-2023/CVE-2023-292xx/CVE-2023-29295.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29296](CVE-2023/CVE-2023-292xx/CVE-2023-29296.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29297](CVE-2023/CVE-2023-292xx/CVE-2023-29297.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29302](CVE-2023/CVE-2023-293xx/CVE-2023-29302.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29304](CVE-2023/CVE-2023-293xx/CVE-2023-29304.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29307](CVE-2023/CVE-2023-293xx/CVE-2023-29307.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29321](CVE-2023/CVE-2023-293xx/CVE-2023-29321.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29322](CVE-2023/CVE-2023-293xx/CVE-2023-29322.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-2686](CVE-2023/CVE-2023-26xx/CVE-2023-2686.json) (`2023-06-15T20:46:39.603`) -* [CVE-2023-29755](CVE-2023/CVE-2023-297xx/CVE-2023-29755.json) (`2023-06-15T20:57:54.577`) -* [CVE-2023-0297](CVE-2023/CVE-2023-02xx/CVE-2023-0297.json) (`2023-06-15T21:15:09.427`) +* [CVE-2023-1917](CVE-2023/CVE-2023-19xx/CVE-2023-1917.json) (`2023-06-15T22:11:37.083`) +* [CVE-2023-2159](CVE-2023/CVE-2023-21xx/CVE-2023-2159.json) (`2023-06-15T22:12:20.457`) +* [CVE-2023-2184](CVE-2023/CVE-2023-21xx/CVE-2023-2184.json) (`2023-06-15T22:12:32.913`) +* [CVE-2023-2189](CVE-2023/CVE-2023-21xx/CVE-2023-2189.json) (`2023-06-15T22:12:53.960`) +* [CVE-2023-2556](CVE-2023/CVE-2023-25xx/CVE-2023-2556.json) (`2023-06-15T22:13:12.523`) +* [CVE-2023-32732](CVE-2023/CVE-2023-327xx/CVE-2023-32732.json) (`2023-06-15T22:14:04.903`) +* [CVE-2023-2584](CVE-2023/CVE-2023-25xx/CVE-2023-2584.json) (`2023-06-15T22:14:29.190`) +* [CVE-2023-2599](CVE-2023/CVE-2023-25xx/CVE-2023-2599.json) (`2023-06-15T22:15:07.667`) +* [CVE-2023-2604](CVE-2023/CVE-2023-26xx/CVE-2023-2604.json) (`2023-06-15T22:15:19.723`) +* [CVE-2023-2607](CVE-2023/CVE-2023-26xx/CVE-2023-2607.json) (`2023-06-15T22:15:33.480`) +* [CVE-2023-2688](CVE-2023/CVE-2023-26xx/CVE-2023-2688.json) (`2023-06-15T22:15:47.297`) +* [CVE-2023-2764](CVE-2023/CVE-2023-27xx/CVE-2023-2764.json) (`2023-06-15T22:16:07.900`) +* [CVE-2023-2767](CVE-2023/CVE-2023-27xx/CVE-2023-2767.json) (`2023-06-15T22:16:25.907`) +* [CVE-2023-3176](CVE-2023/CVE-2023-31xx/CVE-2023-3176.json) (`2023-06-15T22:16:40.580`) +* [CVE-2023-2897](CVE-2023/CVE-2023-28xx/CVE-2023-2897.json) (`2023-06-15T22:17:19.443`) +* [CVE-2023-3177](CVE-2023/CVE-2023-31xx/CVE-2023-3177.json) (`2023-06-15T22:17:35.467`) +* [CVE-2023-1428](CVE-2023/CVE-2023-14xx/CVE-2023-1428.json) (`2023-06-15T22:17:53.033`) +* [CVE-2023-32731](CVE-2023/CVE-2023-327xx/CVE-2023-32731.json) (`2023-06-15T22:18:49.193`) ## Download and Usage