From 2abfdd102be946ec0233b9b855bf1348e44fa3aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Helmke?= Date: Thu, 11 May 2023 23:55:28 +0200 Subject: [PATCH] Auto-Update: 2023-05-11T21:55:24.901738+00:00 --- CVE-2019/CVE-2019-01xx/CVE-2019-0160.json | 65 ++++----- CVE-2020/CVE-2020-181xx/CVE-2020-18131.json | 68 ++++++++- CVE-2020/CVE-2020-210xx/CVE-2020-21038.json | 68 ++++++++- CVE-2022/CVE-2022-482xx/CVE-2022-48235.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-482xx/CVE-2022-48236.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-482xx/CVE-2022-48238.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-482xx/CVE-2022-48239.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-482xx/CVE-2022-48240.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-483xx/CVE-2022-48371.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-483xx/CVE-2022-48372.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-483xx/CVE-2022-48373.json | 150 +++++++++++++++++++- CVE-2022/CVE-2022-483xx/CVE-2022-48374.json | 150 +++++++++++++++++++- CVE-2023/CVE-2023-26xx/CVE-2023-2662.json | 55 +++++++ CVE-2023/CVE-2023-26xx/CVE-2023-2663.json | 55 +++++++ CVE-2023/CVE-2023-26xx/CVE-2023-2664.json | 55 +++++++ CVE-2023/CVE-2023-275xx/CVE-2023-27554.json | 59 ++++++++ CVE-2023/CVE-2023-278xx/CVE-2023-27870.json | 59 ++++++++ CVE-2023/CVE-2023-279xx/CVE-2023-27934.json | 65 ++++++++- CVE-2023/CVE-2023-279xx/CVE-2023-27935.json | 91 +++++++++++- CVE-2023/CVE-2023-279xx/CVE-2023-27936.json | 109 +++++++++++++- CVE-2023/CVE-2023-279xx/CVE-2023-27937.json | 133 +++++++++++++++-- CVE-2023/CVE-2023-279xx/CVE-2023-27938.json | 65 ++++++++- CVE-2023/CVE-2023-279xx/CVE-2023-27941.json | 83 ++++++++++- CVE-2023/CVE-2023-279xx/CVE-2023-27942.json | 120 ++++++++++++++-- CVE-2023/CVE-2023-291xx/CVE-2023-29195.json | 79 +++++++++++ CVE-2023/CVE-2023-297xx/CVE-2023-29791.json | 20 +++ CVE-2023/CVE-2023-311xx/CVE-2023-31146.json | 59 ++++++++ CVE-2023/CVE-2023-314xx/CVE-2023-31497.json | 20 +++ CVE-2023/CVE-2023-320xx/CVE-2023-32058.json | 59 ++++++++ CVE-2023/CVE-2023-320xx/CVE-2023-32082.json | 67 +++++++++ README.md | 108 +++++--------- 31 files changed, 2710 insertions(+), 202 deletions(-) create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2662.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2663.json create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2664.json create mode 100644 CVE-2023/CVE-2023-275xx/CVE-2023-27554.json create mode 100644 CVE-2023/CVE-2023-278xx/CVE-2023-27870.json create mode 100644 CVE-2023/CVE-2023-291xx/CVE-2023-29195.json create mode 100644 CVE-2023/CVE-2023-297xx/CVE-2023-29791.json create mode 100644 CVE-2023/CVE-2023-311xx/CVE-2023-31146.json create mode 100644 CVE-2023/CVE-2023-314xx/CVE-2023-31497.json create mode 100644 CVE-2023/CVE-2023-320xx/CVE-2023-32058.json create mode 100644 CVE-2023/CVE-2023-320xx/CVE-2023-32082.json diff --git a/CVE-2019/CVE-2019-01xx/CVE-2019-0160.json b/CVE-2019/CVE-2019-01xx/CVE-2019-0160.json index 183b2c1e986..fb48a1dd3c6 100644 --- a/CVE-2019/CVE-2019-01xx/CVE-2019-0160.json +++ b/CVE-2019/CVE-2019-01xx/CVE-2019-0160.json @@ -2,12 +2,12 @@ "id": "CVE-2019-0160", "sourceIdentifier": "secure@intel.com", "published": "2019-03-27T20:29:03.927", - "lastModified": "2022-04-05T20:36:03.980", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-11T21:15:09.570", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access." + "value": "Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service via network access.\n\n" }, { "lang": "es", @@ -35,6 +35,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "secure@intel.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.8 } ], "cvssMetricV2": [ @@ -179,43 +199,8 @@ ], "references": [ { - "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00048.html", - "source": "secure@intel.com", - "tags": [ - "Mailing List", - "Patch", - "Vendor Advisory" - ] - }, - { - "url": "https://access.redhat.com/errata/RHSA-2019:2125", - "source": "secure@intel.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://access.redhat.com/errata/RHSA-2019:3338", - "source": "secure@intel.com", - "tags": [ - "Third Party Advisory" - ] - }, - { - "url": "https://edk2-docs.gitbooks.io/security-advisory/content/partitiondxe-and-udf-buffer-overflow.html", - "source": "secure@intel.com", - "tags": [ - "Patch", - "Third Party Advisory" - ] - }, - { - "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TQYVZRFEXSN3KS43AVH4D7QX553EZQYP/", - "source": "secure@intel.com", - "tags": [ - "Mailing List", - "Third Party Advisory" - ] + "url": "https://tianocore-docs.github.io/SecurityAdvisory/draft/partitiondxe-and-udf-buffer-overflow.html", + "source": "secure@intel.com" } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-181xx/CVE-2020-18131.json b/CVE-2020/CVE-2020-181xx/CVE-2020-18131.json index 41685b2ab16..d82d8bdd31f 100644 --- a/CVE-2020/CVE-2020-181xx/CVE-2020-18131.json +++ b/CVE-2020/CVE-2020-181xx/CVE-2020-18131.json @@ -2,23 +2,81 @@ "id": "CVE-2020-18131", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-08T14:15:10.000", - "lastModified": "2023-05-08T14:17:28.107", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:38:11.717", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to escilate privledges to an arbitrary account via a crafted request to /members/console.php?cID=5." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:clanscripts_project:clanscripts:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "97AF85A3-2DB2-4D69-AED7-670DEBB21AED" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/bluethrust/clanscripts", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/bluethrust/clanscripts/issues/27", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-210xx/CVE-2020-21038.json b/CVE-2020/CVE-2020-210xx/CVE-2020-21038.json index fb0432b0b03..5955b5b9a72 100644 --- a/CVE-2020/CVE-2020-210xx/CVE-2020-21038.json +++ b/CVE-2020/CVE-2020-210xx/CVE-2020-21038.json @@ -2,23 +2,81 @@ "id": "CVE-2020-21038", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-08T14:15:10.283", - "lastModified": "2023-05-08T14:17:28.107", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:38:31.283", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:typecho:typecho:1.1-17.10.30:*:*:*:*:*:*:*", + "matchCriteriaId": "89CD6CB0-3CAB-4AC6-B211-5FD6A42F3F47" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/typecho/typecho", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/typecho/typecho/issues/952", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-482xx/CVE-2022-48235.json b/CVE-2022/CVE-2022-482xx/CVE-2022-48235.json index 9002e305b45..fb2382c4034 100644 --- a/CVE-2022/CVE-2022-482xx/CVE-2022-48235.json +++ b/CVE-2022/CVE-2022-482xx/CVE-2022-48235.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48235", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:10.317", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:01:36.210", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-482xx/CVE-2022-48236.json b/CVE-2022/CVE-2022-482xx/CVE-2022-48236.json index 778a5f08e07..58196eb5f09 100644 --- a/CVE-2022/CVE-2022-482xx/CVE-2022-48236.json +++ b/CVE-2022/CVE-2022-482xx/CVE-2022-48236.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48236", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:10.360", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:01:20.830", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-482xx/CVE-2022-48238.json b/CVE-2022/CVE-2022-482xx/CVE-2022-48238.json index aba4b401cfc..f406d03c84e 100644 --- a/CVE-2022/CVE-2022-482xx/CVE-2022-48238.json +++ b/CVE-2022/CVE-2022-482xx/CVE-2022-48238.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48238", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:10.447", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:34:03.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Image filter, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-482xx/CVE-2022-48239.json b/CVE-2022/CVE-2022-482xx/CVE-2022-48239.json index 3ebbb9618a4..d7621daf7e4 100644 --- a/CVE-2022/CVE-2022-482xx/CVE-2022-48239.json +++ b/CVE-2022/CVE-2022-482xx/CVE-2022-48239.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48239", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:10.490", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:34:50.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-482xx/CVE-2022-48240.json b/CVE-2022/CVE-2022-482xx/CVE-2022-48240.json index 02c43b9742f..d4addd57cea 100644 --- a/CVE-2022/CVE-2022-482xx/CVE-2022-48240.json +++ b/CVE-2022/CVE-2022-482xx/CVE-2022-48240.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48240", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:10.540", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:34:59.237", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48371.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48371.json index 7f0520c3325..a40ff12eda4 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48371.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48371.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48371", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:11.163", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:35:35.713", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48372.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48372.json index 7ff9eb1ecda..1bb2bf9bf48 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48372.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48372.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48372", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:11.210", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:17:45.393", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48373.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48373.json index a88a80fee37..017651c4046 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48373.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48373.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48373", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:11.253", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:32:59.337", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48374.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48374.json index c7520460b4b..ecf48db1d37 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48374.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48374.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48374", "sourceIdentifier": "security@unisoc.com", "published": "2023-05-09T02:15:11.297", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:33:35.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1654776866982133761", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json new file mode 100644 index 00000000000..bab4f98daf2 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2662", + "sourceIdentifier": "xpdf@xpdfreader.com", + "published": "2023-05-11T21:15:09.873", + "lastModified": "2023-05-11T21:15:09.873", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "xpdf@xpdfreader.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 2.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "xpdf@xpdfreader.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + } + ], + "references": [ + { + "url": "https://forum.xpdfreader.com/viewtopic.php?t=42505", + "source": "xpdf@xpdfreader.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2663.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2663.json new file mode 100644 index 00000000000..dd7ba0f7edc --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2663.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2663", + "sourceIdentifier": "xpdf@xpdfreader.com", + "published": "2023-05-11T21:15:10.043", + "lastModified": "2023-05-11T21:15:10.043", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\u00a0In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "xpdf@xpdfreader.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 2.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "xpdf@xpdfreader.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + } + ], + "references": [ + { + "url": "https://forum.xpdfreader.com/viewtopic.php?t=42421", + "source": "xpdf@xpdfreader.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2664.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2664.json new file mode 100644 index 00000000000..1981f16b5a0 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2664.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2664", + "sourceIdentifier": "xpdf@xpdfreader.com", + "published": "2023-05-11T21:15:10.137", + "lastModified": "2023-05-11T21:15:10.137", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\u00a0In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "xpdf@xpdfreader.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 2.9, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "xpdf@xpdfreader.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + } + ], + "references": [ + { + "url": "https://forum.xpdfreader.com/viewtopic.php?t=42422", + "source": "xpdf@xpdfreader.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27554.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27554.json new file mode 100644 index 00000000000..b3e761d86ae --- /dev/null +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27554.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-27554", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-05-11T20:15:09.227", + "lastModified": "2023-05-11T20:15:09.227", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nIBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 249185.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-611" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/249185", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/6989451", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-278xx/CVE-2023-27870.json b/CVE-2023/CVE-2023-278xx/CVE-2023-27870.json new file mode 100644 index 00000000000..8453e64fac3 --- /dev/null +++ b/CVE-2023/CVE-2023-278xx/CVE-2023-27870.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-27870", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-05-11T20:15:09.327", + "lastModified": "2023-05-11T20:15:09.327", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. IBM X-Force ID: 249518.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://https://exchange.xforce.ibmcloud.com/vulnerabilities/249518", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/6985697", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json index 101f41ca255..7605ea163d0 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27934.json @@ -2,19 +2,76 @@ "id": "CVE-2023-27934", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.367", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:35:24.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause unexpected app termination or arbitrary code execution" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-665" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.3", + "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json index 73d818158b6..41c174ecd75 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27935.json @@ -2,27 +2,106 @@ "id": "CVE-2023-27935", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.423", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:35:40.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.7.5", + "matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.6.4", + "matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213675", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213677", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json index 16a2c80e1a5..34b426191ee 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27936.json @@ -2,31 +2,126 @@ "id": "CVE-2023-27936", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.493", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:36:01.177", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to cause unexpected system termination or write kernel memory" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.4", + "matchCriteriaId": "6342B4CB-4D7D-4FBD-8A5E-E3DABDC7770E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.4", + "matchCriteriaId": "C75E4307-6CF3-4835-8E5F-96BF060658C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.7.5", + "matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.6.4", + "matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213673", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213675", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213677", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json index 6dc810ed6d4..b0309cad49d 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27937.json @@ -2,39 +2,154 @@ "id": "CVE-2023-27937", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.550", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:36:18.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.7.5", + "matchCriteriaId": "4895F6FE-9045-4243-BECA-D63037F63516" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.6.4", + "matchCriteriaId": "3C93428C-C9B4-464F-8A4A-0CE8D7BB2BAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "B55C90FB-21A2-4066-9FFD-04ABA57E68F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.4", + "matchCriteriaId": "B5DA93B3-CA76-4932-84EE-40445A6505EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213674", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213675", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213677", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213678", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json index 3869520b249..2643a90991d 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27938.json @@ -2,19 +2,76 @@ "id": "CVE-2023-27938", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.610", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:36:36.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in GarageBand for macOS 10.4.8. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.4.8", + "matchCriteriaId": "2987DF50-8922-494F-A10B-D41224B412F3" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213650", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json index 9d6481b5e65..542b262ea53 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27941.json @@ -2,23 +2,96 @@ "id": "CVE-2023-27941", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.670", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:36:55.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4. An app may be able to disclose kernel memory" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.4", + "matchCriteriaId": "6342B4CB-4D7D-4FBD-8A5E-E3DABDC7770E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.4", + "matchCriteriaId": "C75E4307-6CF3-4835-8E5F-96BF060658C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.3", + "matchCriteriaId": "F58DAF22-8807-445A-AD05-8510829526CB" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213673", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json index 42e7b841bee..458f9659a11 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27942.json @@ -2,35 +2,139 @@ "id": "CVE-2023-27942", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.733", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-11T20:37:09.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, tvOS 16.4, iOS 16.4 and iPadOS 16.4. An app may be able to access user-sensitive data" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "EE68C5EC-5829-481D-BFF7-0A501018A3CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "F02C0CA5-8ABA-48C7-BCAE-5CF25435DF87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "12.6.4", + "matchCriteriaId": "108A5DD5-4943-4F53-A193-780841B56344" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.4", + "matchCriteriaId": "B55C90FB-21A2-4066-9FFD-04ABA57E68F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.4", + "matchCriteriaId": "B5DA93B3-CA76-4932-84EE-40445A6505EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213674", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213677", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213678", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-291xx/CVE-2023-29195.json b/CVE-2023/CVE-2023-291xx/CVE-2023-29195.json new file mode 100644 index 00000000000..206318a8a87 --- /dev/null +++ b/CVE-2023/CVE-2023-291xx/CVE-2023-29195.json @@ -0,0 +1,79 @@ +{ + "id": "CVE-2023-29195", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-05-11T20:15:09.403", + "lastModified": "2023-05-11T20:15:09.403", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vitess is a database clustering system for horizontal scaling of MySQL through generalized sharding. Prior to version 16.0.2, users can either intentionally or inadvertently create a shard containing `/` characters from VTAdmin such that from that point on, anyone who tries to create a new shard from VTAdmin will receive an error. Attempting to view the keyspace(s) will also no longer work. Creating a shard using `vtctldclient` does not have the same problem because the CLI validates the input correctly. Version 16.0.2, corresponding to version 0.16.2 of the `go` module, contains a patch for this issue. Some workarounds are available. Always use `vtctldclient` to create shards, instead of using VTAdmin; disable creating shards from VTAdmin using RBAC; and/or delete the topology record for the offending shard using the client for your topology server." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + }, + { + "lang": "en", + "value": "CWE-703" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/vitessio/vitess/commit/9dcbd7de3180f47e94f54989fb5c66daea00c920", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vitessio/vitess/issues/12842", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vitessio/vitess/pull/12843", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vitessio/vitess/releases/tag/v16.0.2", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vitessio/vitess/security/advisories/GHSA-pqj7-jx24-wj7w", + "source": "security-advisories@github.com" + }, + { + "url": "https://pkg.go.dev/vitess.io/vitess@v0.16.2", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json b/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json new file mode 100644 index 00000000000..f207ea9e2ba --- /dev/null +++ b/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-29791", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-11T21:15:09.807", + "lastModified": "2023-05-11T21:15:09.807", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "kodbox <= 1.37 is vulnerable to Cross Site Scripting (XSS) via the debug information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://blog.mo60.cn/index.php/archives/kodbox-xss.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31146.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31146.json new file mode 100644 index 00000000000..c0d2245d43d --- /dev/null +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31146.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-31146", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-05-11T21:15:10.240", + "lastModified": "2023-05-11T21:15:10.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment. The issue can cause data corruption across call frames. The expected behavior is to revert due to out-of-bounds array access. Version 0.3.8 contains a patch for this issue." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/vyperlang/vyper/commit/4f8289a81206f767df1900ac48f485d90fc87edb", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-3p37-3636-q8wv", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31497.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31497.json new file mode 100644 index 00000000000..3c8afcea020 --- /dev/null +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31497.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31497", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-11T21:15:10.340", + "lastModified": "2023-05-11T21:15:10.340", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/0xInfection/EPScalate", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32058.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32058.json new file mode 100644 index 00000000000..d446e687dd5 --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32058.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32058", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-05-11T21:15:10.397", + "lastModified": "2023-05-11T21:15:10.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, due to missing overflow check for loop variables, by assigning the iterator of a loop to a variable, it is possible to overflow the type of the latter. The issue seems to happen only in loops of type `for i in range(a, a + N)` as in loops of type `for i in range(start, stop)` and `for i in range(stop)`, the compiler is able to raise a `TypeMismatch` when trying to overflow the variable. The problem has been patched in version 0.3.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/vyperlang/vyper/commit/3de1415ee77a9244eb04bdb695e249d3ec9ed868", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-6r8q-pfpv-7cgj", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32082.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32082.json new file mode 100644 index 00000000000..fda975f3382 --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32082.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2023-32082", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-05-11T20:15:09.500", + "lastModified": "2023-05-11T20:15:09.500", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.26 and 3.5.9, the LeaseTimeToLive API allows access to key names (not value) associated to a lease when `Keys` parameter is true, even a user doesn't have read permission to the keys. The impact is limited to a cluster which enables auth (RBAC). Versions 3.4.26 and 3.5.9 fix this issue. There are no known workarounds." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.6, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.4.md", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/etcd-io/etcd/blob/main/CHANGELOG/CHANGELOG-3.5.md", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/etcd-io/etcd/pull/15656", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-3p4g-rcw5-8298", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 32b5023a4c4..9e17ab37be1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-11T20:00:24.538776+00:00 +2023-05-11T21:55:24.901738+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-11T19:20:28.837000+00:00 +2023-05-11T21:15:10.397000+00:00 ``` ### Last Data Feed Release @@ -29,87 +29,49 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -214932 +214943 ``` ### CVEs added in the last Commit -Recently added CVEs: `15` +Recently added CVEs: `11` -* [CVE-2023-1834](CVE-2023/CVE-2023-18xx/CVE-2023-1834.json) (`2023-05-11T19:15:09.283`) -* [CVE-2023-2443](CVE-2023/CVE-2023-24xx/CVE-2023-2443.json) (`2023-05-11T19:15:09.377`) -* [CVE-2023-2444](CVE-2023/CVE-2023-24xx/CVE-2023-2444.json) (`2023-05-11T19:15:09.437`) -* [CVE-2023-25309](CVE-2023/CVE-2023-253xx/CVE-2023-25309.json) (`2023-05-11T18:15:12.360`) -* [CVE-2023-29022](CVE-2023/CVE-2023-290xx/CVE-2023-29022.json) (`2023-05-11T18:15:13.023`) -* [CVE-2023-29023](CVE-2023/CVE-2023-290xx/CVE-2023-29023.json) (`2023-05-11T18:15:13.163`) -* [CVE-2023-29024](CVE-2023/CVE-2023-290xx/CVE-2023-29024.json) (`2023-05-11T18:15:13.240`) -* [CVE-2023-29025](CVE-2023/CVE-2023-290xx/CVE-2023-29025.json) (`2023-05-11T18:15:13.323`) -* [CVE-2023-29026](CVE-2023/CVE-2023-290xx/CVE-2023-29026.json) (`2023-05-11T18:15:13.420`) -* [CVE-2023-29027](CVE-2023/CVE-2023-290xx/CVE-2023-29027.json) (`2023-05-11T18:15:13.517`) -* [CVE-2023-29028](CVE-2023/CVE-2023-290xx/CVE-2023-29028.json) (`2023-05-11T18:15:13.610`) -* [CVE-2023-29029](CVE-2023/CVE-2023-290xx/CVE-2023-29029.json) (`2023-05-11T18:15:13.677`) -* [CVE-2023-29030](CVE-2023/CVE-2023-290xx/CVE-2023-29030.json) (`2023-05-11T18:15:13.770`) -* [CVE-2023-29031](CVE-2023/CVE-2023-290xx/CVE-2023-29031.json) (`2023-05-11T18:15:13.843`) -* [CVE-2023-30394](CVE-2023/CVE-2023-303xx/CVE-2023-30394.json) (`2023-05-11T19:15:09.497`) +* [CVE-2023-2662](CVE-2023/CVE-2023-26xx/CVE-2023-2662.json) (`2023-05-11T21:15:09.873`) +* [CVE-2023-2663](CVE-2023/CVE-2023-26xx/CVE-2023-2663.json) (`2023-05-11T21:15:10.043`) +* [CVE-2023-2664](CVE-2023/CVE-2023-26xx/CVE-2023-2664.json) (`2023-05-11T21:15:10.137`) +* [CVE-2023-27554](CVE-2023/CVE-2023-275xx/CVE-2023-27554.json) (`2023-05-11T20:15:09.227`) +* [CVE-2023-27870](CVE-2023/CVE-2023-278xx/CVE-2023-27870.json) (`2023-05-11T20:15:09.327`) +* [CVE-2023-29195](CVE-2023/CVE-2023-291xx/CVE-2023-29195.json) (`2023-05-11T20:15:09.403`) +* [CVE-2023-29791](CVE-2023/CVE-2023-297xx/CVE-2023-29791.json) (`2023-05-11T21:15:09.807`) +* [CVE-2023-31146](CVE-2023/CVE-2023-311xx/CVE-2023-31146.json) (`2023-05-11T21:15:10.240`) +* [CVE-2023-31497](CVE-2023/CVE-2023-314xx/CVE-2023-31497.json) (`2023-05-11T21:15:10.340`) +* [CVE-2023-32058](CVE-2023/CVE-2023-320xx/CVE-2023-32058.json) (`2023-05-11T21:15:10.397`) +* [CVE-2023-32082](CVE-2023/CVE-2023-320xx/CVE-2023-32082.json) (`2023-05-11T20:15:09.500`) ### CVEs modified in the last Commit -Recently modified CVEs: `53` +Recently modified CVEs: `19` -* [CVE-2022-22313](CVE-2022/CVE-2022-223xx/CVE-2022-22313.json) (`2023-05-11T18:24:20.833`) -* [CVE-2022-34670](CVE-2022/CVE-2022-346xx/CVE-2022-34670.json) (`2023-05-11T18:15:09.800`) -* [CVE-2022-34674](CVE-2022/CVE-2022-346xx/CVE-2022-34674.json) (`2023-05-11T18:15:09.957`) -* [CVE-2022-34675](CVE-2022/CVE-2022-346xx/CVE-2022-34675.json) (`2023-05-11T18:15:10.070`) -* [CVE-2022-34677](CVE-2022/CVE-2022-346xx/CVE-2022-34677.json) (`2023-05-11T18:15:10.167`) -* [CVE-2022-34680](CVE-2022/CVE-2022-346xx/CVE-2022-34680.json) (`2023-05-11T18:15:10.287`) -* [CVE-2022-4118](CVE-2022/CVE-2022-41xx/CVE-2022-4118.json) (`2023-05-11T18:20:40.990`) -* [CVE-2022-42257](CVE-2022/CVE-2022-422xx/CVE-2022-42257.json) (`2023-05-11T18:15:10.413`) -* [CVE-2022-42258](CVE-2022/CVE-2022-422xx/CVE-2022-42258.json) (`2023-05-11T18:15:10.540`) -* [CVE-2022-42259](CVE-2022/CVE-2022-422xx/CVE-2022-42259.json) (`2023-05-11T18:15:10.693`) -* [CVE-2022-43769](CVE-2022/CVE-2022-437xx/CVE-2022-43769.json) (`2023-05-11T18:15:10.847`) -* [CVE-2022-43877](CVE-2022/CVE-2022-438xx/CVE-2022-43877.json) (`2023-05-11T18:22:32.347`) -* [CVE-2022-43939](CVE-2022/CVE-2022-439xx/CVE-2022-43939.json) (`2023-05-11T18:15:11.000`) -* [CVE-2022-45065](CVE-2022/CVE-2022-450xx/CVE-2022-45065.json) (`2023-05-11T18:29:25.107`) -* [CVE-2022-46081](CVE-2022/CVE-2022-460xx/CVE-2022-46081.json) (`2023-05-11T19:15:09.200`) -* [CVE-2022-47437](CVE-2022/CVE-2022-474xx/CVE-2022-47437.json) (`2023-05-11T18:29:03.820`) -* [CVE-2022-47439](CVE-2022/CVE-2022-474xx/CVE-2022-47439.json) (`2023-05-11T18:28:50.673`) -* [CVE-2022-48237](CVE-2022/CVE-2022-482xx/CVE-2022-48237.json) (`2023-05-11T19:20:28.837`) -* [CVE-2023-0008](CVE-2023/CVE-2023-00xx/CVE-2023-0008.json) (`2023-05-11T18:15:11.093`) -* [CVE-2023-0267](CVE-2023/CVE-2023-02xx/CVE-2023-0267.json) (`2023-05-11T18:15:16.573`) -* [CVE-2023-0268](CVE-2023/CVE-2023-02xx/CVE-2023-0268.json) (`2023-05-11T18:12:06.047`) -* [CVE-2023-1649](CVE-2023/CVE-2023-16xx/CVE-2023-1649.json) (`2023-05-11T18:53:04.560`) -* [CVE-2023-1651](CVE-2023/CVE-2023-16xx/CVE-2023-1651.json) (`2023-05-11T18:52:54.370`) -* [CVE-2023-1660](CVE-2023/CVE-2023-16xx/CVE-2023-1660.json) (`2023-05-11T18:50:04.077`) -* [CVE-2023-1806](CVE-2023/CVE-2023-18xx/CVE-2023-1806.json) (`2023-05-11T18:56:50.760`) -* [CVE-2023-21776](CVE-2023/CVE-2023-217xx/CVE-2023-21776.json) (`2023-05-11T18:15:12.250`) -* [CVE-2023-22710](CVE-2023/CVE-2023-227xx/CVE-2023-22710.json) (`2023-05-11T19:06:29.917`) -* [CVE-2023-23894](CVE-2023/CVE-2023-238xx/CVE-2023-23894.json) (`2023-05-11T19:08:44.543`) -* [CVE-2023-24376](CVE-2023/CVE-2023-243xx/CVE-2023-24376.json) (`2023-05-11T19:08:28.000`) -* [CVE-2023-24408](CVE-2023/CVE-2023-244xx/CVE-2023-24408.json) (`2023-05-11T19:01:08.147`) -* [CVE-2023-2560](CVE-2023/CVE-2023-25xx/CVE-2023-2560.json) (`2023-05-11T18:27:40.423`) -* [CVE-2023-28248](CVE-2023/CVE-2023-282xx/CVE-2023-28248.json) (`2023-05-11T18:15:12.443`) -* [CVE-2023-28271](CVE-2023/CVE-2023-282xx/CVE-2023-28271.json) (`2023-05-11T18:15:12.650`) -* [CVE-2023-28293](CVE-2023/CVE-2023-282xx/CVE-2023-28293.json) (`2023-05-11T18:15:12.817`) -* [CVE-2023-28493](CVE-2023/CVE-2023-284xx/CVE-2023-28493.json) (`2023-05-11T18:59:41.717`) -* [CVE-2023-29085](CVE-2023/CVE-2023-290xx/CVE-2023-29085.json) (`2023-05-11T18:15:13.953`) -* [CVE-2023-29086](CVE-2023/CVE-2023-290xx/CVE-2023-29086.json) (`2023-05-11T18:15:14.200`) -* [CVE-2023-29087](CVE-2023/CVE-2023-290xx/CVE-2023-29087.json) (`2023-05-11T18:15:14.300`) -* [CVE-2023-29088](CVE-2023/CVE-2023-290xx/CVE-2023-29088.json) (`2023-05-11T18:15:14.563`) -* [CVE-2023-29089](CVE-2023/CVE-2023-290xx/CVE-2023-29089.json) (`2023-05-11T18:15:14.927`) -* [CVE-2023-29090](CVE-2023/CVE-2023-290xx/CVE-2023-29090.json) (`2023-05-11T18:15:15.277`) -* [CVE-2023-29091](CVE-2023/CVE-2023-290xx/CVE-2023-29091.json) (`2023-05-11T18:15:15.443`) -* [CVE-2023-29932](CVE-2023/CVE-2023-299xx/CVE-2023-29932.json) (`2023-05-11T18:02:30.523`) -* [CVE-2023-29933](CVE-2023/CVE-2023-299xx/CVE-2023-29933.json) (`2023-05-11T18:06:22.817`) -* [CVE-2023-29934](CVE-2023/CVE-2023-299xx/CVE-2023-29934.json) (`2023-05-11T18:13:33.977`) -* [CVE-2023-29935](CVE-2023/CVE-2023-299xx/CVE-2023-29935.json) (`2023-05-11T18:17:06.773`) -* [CVE-2023-29939](CVE-2023/CVE-2023-299xx/CVE-2023-29939.json) (`2023-05-11T18:19:39.167`) -* [CVE-2023-29941](CVE-2023/CVE-2023-299xx/CVE-2023-29941.json) (`2023-05-11T18:23:11.180`) -* [CVE-2023-29942](CVE-2023/CVE-2023-299xx/CVE-2023-29942.json) (`2023-05-11T18:23:44.497`) -* [CVE-2023-30053](CVE-2023/CVE-2023-300xx/CVE-2023-30053.json) (`2023-05-11T18:31:11.017`) -* [CVE-2023-30054](CVE-2023/CVE-2023-300xx/CVE-2023-30054.json) (`2023-05-11T18:38:32.380`) -* [CVE-2023-30434](CVE-2023/CVE-2023-304xx/CVE-2023-30434.json) (`2023-05-11T18:45:43.990`) -* [CVE-2023-31183](CVE-2023/CVE-2023-311xx/CVE-2023-31183.json) (`2023-05-11T19:09:15.927`) +* [CVE-2019-0160](CVE-2019/CVE-2019-01xx/CVE-2019-0160.json) (`2023-05-11T21:15:09.570`) +* [CVE-2020-18131](CVE-2020/CVE-2020-181xx/CVE-2020-18131.json) (`2023-05-11T20:38:11.717`) +* [CVE-2020-21038](CVE-2020/CVE-2020-210xx/CVE-2020-21038.json) (`2023-05-11T20:38:31.283`) +* [CVE-2022-48235](CVE-2022/CVE-2022-482xx/CVE-2022-48235.json) (`2023-05-11T20:01:36.210`) +* [CVE-2022-48236](CVE-2022/CVE-2022-482xx/CVE-2022-48236.json) (`2023-05-11T20:01:20.830`) +* [CVE-2022-48238](CVE-2022/CVE-2022-482xx/CVE-2022-48238.json) (`2023-05-11T20:34:03.250`) +* [CVE-2022-48239](CVE-2022/CVE-2022-482xx/CVE-2022-48239.json) (`2023-05-11T20:34:50.593`) +* [CVE-2022-48240](CVE-2022/CVE-2022-482xx/CVE-2022-48240.json) (`2023-05-11T20:34:59.237`) +* [CVE-2022-48371](CVE-2022/CVE-2022-483xx/CVE-2022-48371.json) (`2023-05-11T20:35:35.713`) +* [CVE-2022-48372](CVE-2022/CVE-2022-483xx/CVE-2022-48372.json) (`2023-05-11T20:17:45.393`) +* [CVE-2022-48373](CVE-2022/CVE-2022-483xx/CVE-2022-48373.json) (`2023-05-11T20:32:59.337`) +* [CVE-2022-48374](CVE-2022/CVE-2022-483xx/CVE-2022-48374.json) (`2023-05-11T20:33:35.387`) +* [CVE-2023-27934](CVE-2023/CVE-2023-279xx/CVE-2023-27934.json) (`2023-05-11T20:35:24.627`) +* [CVE-2023-27935](CVE-2023/CVE-2023-279xx/CVE-2023-27935.json) (`2023-05-11T20:35:40.257`) +* [CVE-2023-27936](CVE-2023/CVE-2023-279xx/CVE-2023-27936.json) (`2023-05-11T20:36:01.177`) +* [CVE-2023-27937](CVE-2023/CVE-2023-279xx/CVE-2023-27937.json) (`2023-05-11T20:36:18.677`) +* [CVE-2023-27938](CVE-2023/CVE-2023-279xx/CVE-2023-27938.json) (`2023-05-11T20:36:36.733`) +* [CVE-2023-27941](CVE-2023/CVE-2023-279xx/CVE-2023-27941.json) (`2023-05-11T20:36:55.917`) +* [CVE-2023-27942](CVE-2023/CVE-2023-279xx/CVE-2023-27942.json) (`2023-05-11T20:37:09.790`) ## Download and Usage