admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-09 03:57:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-15T21:00:18.073656+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-15 21:00:21 +00:00
parent fdad9d05d5
commit 2b5c8dba93
68 changed files with 2957 additions and 293 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
CVE-2020/CVE-2020-73xx/CVE-2020-7331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-7331",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2020-11-12T10:15:13.513",
"lastModified": "2023-11-07T03:26:03.267",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:12:41.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-428"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,7 +126,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10335",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2021/CVE-2021-318xx/CVE-2021-31839.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31839",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-06-10T17:15:08.113",
"lastModified": "2023-11-07T03:35:04.833",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:49:17.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 1.4
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -117,7 +127,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10362",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

47
CVE-2021/CVE-2021-318xx/CVE-2021-31844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31844",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-09-17T14:15:08.237",
"lastModified": "2023-11-07T03:35:06.443",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:03:38.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,23 +21,23 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -97,6 +107,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -104,9 +115,20 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.6.200",
"matchCriteriaId": "E4724109-5A28-4BB4-B1F2-32905FC7A813"
"matchCriteriaId": "2C1CC7A5-215B-481B-8290-9224C4B6C12A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
@ -116,7 +138,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10368",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

30
CVE-2021/CVE-2021-318xx/CVE-2021-31845.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31845",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-09-17T14:15:08.293",
"lastModified": "2023-11-07T03:35:06.767",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:46:17.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -107,6 +117,13 @@
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_discover:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.6.100",
"matchCriteriaId": "95D79E24-1FCA-4898-87ED-9C3DD85913ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_discover:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.7.0",
"versionEndExcluding": "11.7.100",
"matchCriteriaId": "82467BA6-07E1-4759-83FB-EB57365C3A50"
}
]
}
@ -116,7 +133,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10368",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

33
CVE-2021/CVE-2021-318xx/CVE-2021-31847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31847",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-09-22T14:15:07.563",
"lastModified": "2023-11-07T03:35:07.087",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:42:21.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -108,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:mcafee_agent:*:*:*:*:*:windows:*:*",
"criteria": "cpe:2.3:a:mcafee:agent:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.7.4",
"matchCriteriaId": "308AEF58-0063-4FF5-A36E-0040F63EB10E"
"matchCriteriaId": "D3643699-06A5-4C9F-8FB4-D9A9F3C93977"
}
]
}
@ -120,11 +130,18 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10369",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-1104/",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

23
CVE-2021/CVE-2021-318xx/CVE-2021-31849.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31849",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-11-01T20:15:07.593",
"lastModified": "2023-11-07T03:35:07.753",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:05:44.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -124,7 +134,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10371",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2021/CVE-2021-318xx/CVE-2021-31853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31853",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2021-11-10T09:15:07.307",
"lastModified": "2023-11-07T03:35:09.133",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:21:25.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -127,7 +137,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10374",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2021/CVE-2021-40xx/CVE-2021-4088.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4088",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-01-24T16:15:08.160",
"lastModified": "2023-11-07T03:40:09.830",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:25:04.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -129,7 +139,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10376",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2022/CVE-2022-08xx/CVE-2022-0842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0842",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-03-23T14:15:07.857",
"lastModified": "2023-11-07T03:41:35.383",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:24:37.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -181,7 +191,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2022/CVE-2022-08xx/CVE-2022-0857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0857",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-03-23T15:15:08.397",
"lastModified": "2023-11-07T03:41:36.343",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:06:18.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -181,7 +191,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

31
CVE-2022/CVE-2022-08xx/CVE-2022-0859.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0859",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-03-23T15:15:08.500",
"lastModified": "2023-11-07T03:41:36.863",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:30:45.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,23 +21,23 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -181,7 +191,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2022/CVE-2022-08xx/CVE-2022-0861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0861",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-03-23T15:15:08.557",
"lastModified": "2023-11-07T03:41:37.270",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:23:19.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 2.5
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -181,7 +191,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10379",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

28
CVE-2022/CVE-2022-12xx/CVE-2022-1258.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-1258",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-04-14T15:15:08.067",
"lastModified": "2023-11-07T03:41:51.687",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:30:13.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -107,11 +117,6 @@
"criteria": "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.7.6",
"matchCriteriaId": "6F2B08BA-26B7-475F-86CF-D337717316C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:epolicy_orchestrator:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2422709F-5F51-480C-B717-185E2CBE1651"
}
]
}
@ -121,7 +126,10 @@
"references": [
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10382",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Broken Link"
]
}
]
}

23
CVE-2022/CVE-2022-18xx/CVE-2022-1824.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-1824",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-06-20T11:15:09.857",
"lastModified": "2023-11-07T03:42:13.507",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:29:14.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 6.0
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -116,7 +126,10 @@
"references": [
{
"url": "https://service.mcafee.com/?articleId=TS103318&page=shell&shell=article-view",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

30
CVE-2022/CVE-2022-232xx/CVE-2022-23201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23201",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:09.173",
"lastModified": "2023-11-07T03:44:06.317",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:22:50.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

23
CVE-2022/CVE-2022-23xx/CVE-2022-2310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2310",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-07-27T10:15:08.280",
"lastModified": "2023-11-07T03:46:29.237",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:22:53.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -113,7 +123,10 @@
"references": [
{
"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10384&actp=null&viewlocale=en_US&showDraft=false&platinum_status=false&locale=en_US",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2022/CVE-2022-23xx/CVE-2022-2330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2330",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2022-08-30T08:15:07.453",
"lastModified": "2023-11-07T03:46:31.303",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:24:26.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,17 @@
},
"weaknesses": [
{
"source": "01626437-bf8f-4d1c-912a-893b5eb04808",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
},
{
"source": "trellixpsirt@trellix.com",
"type": "Secondary",
"description": [
{
@ -81,8 +91,15 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.6.600.212",
"matchCriteriaId": "1EB1A32D-A930-47BD-B077-3E779C837CC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mcafee:data_loss_prevention_endpoint:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.9.0",
"versionEndExcluding": "11.9.100",
"matchCriteriaId": "3E4D47F6-45F7-468A-90E5-BBEC49E5C43C"
"matchCriteriaId": "F4F53665-7C00-43AA-9E9D-7DCB6F536595"
}
]
},
@ -103,7 +120,10 @@
"references": [
{
"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10386",
"source": "trellixpsirt@trellix.com"
"source": "trellixpsirt@trellix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

30
CVE-2022/CVE-2022-306xx/CVE-2022-30677.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30677",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-16T18:15:12.577",
"lastModified": "2023-11-07T03:47:22.447",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:22:29.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-306xx/CVE-2022-30678.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30678",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-16T18:15:12.633",
"lastModified": "2023-11-07T03:47:22.697",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:22:17.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-306xx/CVE-2022-30681.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30681",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-16T18:15:12.753",
"lastModified": "2023-11-07T03:47:23.230",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:21:52.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34216.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34216",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:12.537",
"lastModified": "2023-11-07T03:48:26.950",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:13:19.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34219.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34219",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:12.693",
"lastModified": "2023-11-07T03:48:27.233",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:13:06.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34220.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34220",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:12.773",
"lastModified": "2023-11-07T03:48:27.557",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:13:44.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34221.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34221",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:12.853",
"lastModified": "2023-11-07T03:48:27.830",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:12:45.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34245.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34245",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:15.147",
"lastModified": "2023-11-07T03:48:28.450",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:12:37.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -50,7 +72,7 @@
]
},
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34247.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34247",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:15.377",
"lastModified": "2023-11-07T03:48:28.997",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:12:31.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34249.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34249",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:15.633",
"lastModified": "2023-11-07T03:48:29.250",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:12:22.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34250.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34250",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:15.770",
"lastModified": "2023-11-07T03:48:29.540",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:12:02.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-342xx/CVE-2022-34251.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34251",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-15T16:15:16.050",
"lastModified": "2023-11-07T03:48:29.780",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T20:11:18.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

33
CVE-2022/CVE-2022-342xx/CVE-2022-34260.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34260",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-08-11T15:15:12.490",
"lastModified": "2023-11-07T03:48:30.677",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:51:46.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
@ -61,8 +83,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:illustrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "25.0",
"versionEndIncluding": "25.4.6",
"matchCriteriaId": "80737A37-6E3C-4011-877D-202B1A421736"
"matchCriteriaId": "658376C0-74DD-4A4E-843F-48C855EDCB2B"
},
{
"vulnerable": true,

30
CVE-2022/CVE-2022-356xx/CVE-2022-35672.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35672",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-07-27T17:15:08.347",
"lastModified": "2023-11-07T03:49:20.483",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:37:55.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-356xx/CVE-2022-35699.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35699",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-19T16:15:10.343",
"lastModified": "2023-11-07T03:49:21.130",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:37:48.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-357xx/CVE-2022-35700.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35700",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-19T16:15:10.413",
"lastModified": "2023-11-07T03:49:21.457",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:38:09.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-357xx/CVE-2022-35701.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35701",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-19T16:15:10.490",
"lastModified": "2023-11-07T03:49:21.760",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:38:22.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

30
CVE-2022/CVE-2022-357xx/CVE-2022-35703.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-35703",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-09-19T16:15:10.613",
"lastModified": "2023-11-07T03:49:22.350",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:39:02.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,9 +15,31 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
@ -40,7 +62,7 @@
},
"weaknesses": [
{
"source": "078d4453-3bcd-4900-85e6-15281da43538",
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{

35
CVE-2023/CVE-2023-201xx/CVE-2023-20198.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20198",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-10-16T16:15:10.023",
"lastModified": "2023-11-14T03:15:08.127",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-15T19:29:03.473",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-16",
"cisaActionDue": "2023-10-20",
"cisaRequiredAction": "Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.",
@ -84,8 +84,30 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.12",
"versionEndExcluding": "16.12.10a",
"matchCriteriaId": "2C8A350D-6C3A-430F-9763-5D167C5CEAE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.3",
"versionEndExcluding": "17.3.8a",
"matchCriteriaId": "BEA2169A-BE52-48B4-8967-D99A4BCAFF58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6",
"versionEndExcluding": "17.6.6a",
"matchCriteriaId": "281561C8-E24D-4AC1-B1F8-1D32171B9A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.9",
"versionEndExcluding": "17.9.4a",
"matchCriteriaId": "57A434FD-E06D-4D3D-B394-DFBC46FF6420"
"matchCriteriaId": "B628DA7F-32AA-459B-95A6-AF3BFC0E765C"
}
]
}
@ -95,7 +117,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z",

11
CVE-2023/CVE-2023-202xx/CVE-2023-20273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20273",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-10-25T18:17:23.017",
"lastModified": "2023-11-14T03:15:08.267",
"vulnStatus": "Modified",
"lastModified": "2023-11-15T19:13:12.563",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-23",
"cisaActionDue": "2023-10-27",
"cisaRequiredAction": "Verify that instances of Cisco IOS XE Web UI are in compliance with BOD 23-02 and apply mitigations per vendor instructions. For affected products (Cisco IOS XE Web UI exposed to the internet or to untrusted networks), follow vendor instructions to determine if a system may have been compromised and immediately report positive findings to CISA.",
@ -749,7 +749,12 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/175674/Cisco-IOX-XE-Unauthenticated-Remote-Code-Execution.html",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-privesc-j22SaA4z",

55
CVE-2023/CVE-2023-228xx/CVE-2023-22818.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22818",
"sourceIdentifier": "psirt@wdc.com",
"published": "2023-11-15T20:15:07.157",
"lastModified": "2023-11-15T20:15:07.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple DLL Search Order Hijack vulnerabilities were addressed in the SanDisk Security Installer for\nWindows that could allow attackers with local access to execute arbitrary code by executing the installer\nin the same folder as the malicious DLL.\u00a0This can lead to the execution of arbitrary\ncode with the privileges of the vulnerable application or obtain a certain level of persistence\non the compromised host.\u00a0"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@wdc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@wdc.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://www.westerndigital.com/support/product-security/wdc-23013-sandisk-security-installer-for-windows-1-0-0-25",
"source": "psirt@wdc.com"
}
]
}

51
CVE-2023/CVE-2023-274xx/CVE-2023-27436.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-27436",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-13T00:15:08.537",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:09:41.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Louis Reingold Elegant Custom Fonts plugin <=\u00a01.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Louis Reingold Elegant Custom Fonts en versiones &lt;= 1.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:breakdance:elegant_custom_fonts:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "2D5E4C21-2AF6-406D-BB8E-6A7EB57DA68A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/elegant-custom-fonts/wordpress-elegant-custom-fonts-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-274xx/CVE-2023-27438.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-27438",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-13T00:15:08.743",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:12:13.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Evgen Yurchenko WP Translitera plugin <=\u00a0p1.2.5 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Evgen Yurchenko WP Translitera en versiones &lt;= p1.2.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yur4enko:wp_translitera:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.5",
"matchCriteriaId": "F1A9DF9C-3108-4D17-92E6-3B8723D03350"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-translitera/wordpress-wp-translitera-plugin-p1-2-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-274xx/CVE-2023-27441.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-27441",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-13T00:15:08.937",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:15:28.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in gl_SPICE New Adman plugin <=\u00a01.6.8 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento gl_SPICE New Adman en versiones &lt;= 1.6.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:new_adman_project:new_adman:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.8",
"matchCriteriaId": "2FC4851E-0CDD-4180-A014-BB55C496316B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/new-adman/wordpress-new-adman-plugin-1-6-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-274xx/CVE-2023-27445.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-27445",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-13T00:15:09.127",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:18:33.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Meril Inc. Blog Floating Button plugin <=\u00a01.4.12 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Meril Inc. Blog Floating Button en versiones &lt;= 1.4.12."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meril:blog_floating_button:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.12",
"matchCriteriaId": "3FEDFF11-2A2F-432D-B644-B79CEA03E1C0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/blog-floating-button/wordpress-blog-floating-button-plugin-1-4-12-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-284xx/CVE-2023-28495.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-28495",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T22:15:28.580",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:05:14.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop WP Shortcode by MyThemeShop plugin <=\u00a01.4.16 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento MyThemeShop WP Shortcode by MyThemeShop en versiones &lt;= 1.4.16."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mythemeshop:wp_shortcode:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.16",
"matchCriteriaId": "FD909FBE-10D4-4DAF-A1E3-A614AECFA202"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-shortcode/wordpress-wp-shortcode-by-mythemeshop-plugin-1-4-16-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-284xx/CVE-2023-28497.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-28497",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T22:15:28.820",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:06:34.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <=\u00a01.7.6 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Tribulant Slideshow Gallery LITE en versiones &lt;= 1.7.6."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribulant:slideshow_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.6",
"matchCriteriaId": "1B1EC01D-BC16-47D8-97DC-BC7B53AC5BF8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/slideshow-gallery/wordpress-slideshow-gallery-lite-plugin-1-7-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-284xx/CVE-2023-28498.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-28498",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T22:15:29.007",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:09:32.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in MotoPress Hotel Booking Lite plugin <=\u00a04.6.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento MotoPress Hotel Booking Lite en versiones &lt;= 4.6.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:motopress:hotel_booking_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.6.0",
"matchCriteriaId": "F6C08D2B-5B03-43B8-A527-DD2FC6B849BD"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/motopress-hotel-booking-lite/wordpress-hotel-booking-lite-plugin-4-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-309xx/CVE-2023-30954.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-30954",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-11-15T20:15:07.380",
"lastModified": "2023-11-15T20:15:07.380",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls new videos if the source system had not yet initialized."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=d2366a3e-a92c-476e-8a7a-7db60e4be567",
"source": "cve-coordination@palantir.com"
}
]
}

52
CVE-2023/CVE-2023-325xx/CVE-2023-32579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32579",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T22:15:10.730",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:00:31.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,7 +14,30 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Designs &amp; Code Forget About Shortcode Buttons en versiones &lt;= 2.1.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -27,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:designsandcode:forget_about_shortcode_buttons:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.3",
"matchCriteriaId": "1F303B88-63BD-4EF6-8A57-3917D320E407"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/forget-about-shortcode-buttons/wordpress-forget-about-shortcode-buttons-plugin-2-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-340xx/CVE-2023-34031.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34031",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-09T21:15:24.827",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:01:59.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,8 +14,41 @@
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Pascal Casier bbPress Toolkit en versiones &lt;= 1.0.12."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -27,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:casier:bbpress_toolkit:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.12",
"matchCriteriaId": "D2A99153-F084-4A08-95AF-E8D580AF5DF1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bbp-toolkit/wordpress-bbpress-toolkit-plugin-1-0-12-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-392xx/CVE-2023-39284.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39284",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-02T21:15:09.747",
"lastModified": "2023-11-03T13:22:41.650",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T20:32:55.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,103 @@
"value": "Se descubri\u00f3 un problema en IhisiServicesSmm en Insyde InsydeH2O con kernel 5.0 a 5.5. Hay llamadas arbitrarias a SetVariable con argumentos no sanitizados en el controlador SMI."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.2",
"versionEndExcluding": "5.2.05.28.33",
"matchCriteriaId": "C10090BD-39E8-4A11-B0F2-B850C3A382C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3",
"versionEndExcluding": "5.3.05.37.33",
"matchCriteriaId": "E06B9A6E-8D0D-433A-80B2-BB1930E83BC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4",
"versionEndExcluding": "5.4.05.45.33",
"matchCriteriaId": "949EAF2E-BD4A-470C-837C-781DEEB17F34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.5.05.53.33",
"matchCriteriaId": "FDF8462F-BE2B-4FEA-9D71-F835F118D37B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6",
"versionEndExcluding": "5.6.05.60.33",
"matchCriteriaId": "4A9478E0-CA2A-4770-85AB-74DFFF518B90"
}
]
}
]
}
],
"references": [
{
"url": "https://www.insyde.com/security-pledge",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.insyde.com/security-pledge/SA-2023056",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

343
CVE-2023/CVE-2023-394xx/CVE-2023-39435.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-39435",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-11-08T23:15:08.310",
"lastModified": "2023-11-09T13:46:14.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T20:47:32.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 IP Cameras \n\nwith firmware version M2.1.6.05 are \nvulnerable to stack-based overflows. During the process of updating \ncertain settings sent from incoming network requests, the product does \nnot sufficiently check or validate allocated buffer size. This may lead \nto remote code execution.\n\n"
},
{
"lang": "es",
"value": "IP Cameras Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220 y CD321 con versi\u00f3n de firmware M2.1.6.05 son vulnerables a desbordamientos basados en pila. Durante el proceso de actualizaci\u00f3n de ciertas configuraciones enviadas desde solicitudes de red entrantes, el producto no verifica ni valida suficientemente el tama\u00f1o del b\u00fafer asignado. Esto puede provocar la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,313 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7500_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "D543FC87-52FF-4BC4-BE57-949BB23D88AD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30F595D2-3CB4-4444-A01F-CE38CBE2D0DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7300_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3FA43E48-E3D0-4913-9040-BF11D9E61385"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B008EE1F-5B08-417A-8206-20F1362DB911"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7201_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6E3CDA-3C8B-4894-A42A-CFC5AA077047"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5240BE7-31E4-4A40-A480-E744E3CAEA3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7501_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF6549F-9E86-4B45-8B60-BB62BEB72B19"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9285F916-50BE-4E41-8EF3-97D882B54CD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb3211_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7DBB50-D334-493F-B661-04C798383D29"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb3211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C32A113-76F5-4EBD-BD15-EFBB17F0942C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb3212_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "883549EB-5A5B-437E-8B10-D7C691142B92"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb3212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC86EF14-298F-414E-8558-1D025CDF6057"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb5220_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C43C9ED3-167E-4424-841E-50A56FF398F0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEC44B0-C2C7-4306-91CA-AA841B23498D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb6231_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8483A6-426F-4595-8B7F-1FC04E9B31FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb6231:-:*:*:*:*:*:*:*",
"matchCriteriaId": "766018BD-DD32-420A-9511-D97D9DE46BBA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:b8520_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "779DE260-60AA-465E-957D-B7502E806863"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:b8520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60E1FE1-F2E8-4BF7-A33D-4ED4D72BF360"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:b8220_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99AC7EEC-C4A5-4F79-9608-D02E29356217"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:b8220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8623A941-0514-49BD-967D-E347F6F99329"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cd321_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "35DCACBC-6483-4113-BC77-041BE4D692F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cd321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E906053-BE44-45B4-AD08-D7DFCFD5EDF2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

343
CVE-2023/CVE-2023-39xx/CVE-2023-3959.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-3959",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-11-08T23:15:08.523",
"lastModified": "2023-11-09T13:46:14.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T20:44:58.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220,\n CB6231, B8520, B8220, and CD321 \n\nIP Cameras\n\nwith firmware version M2.1.6.05 are \nvulnerable to multiple instances of stack-based overflows. While \nprocessing XML elements from incoming network requests, the product does\n not sufficiently check or validate allocated buffer size. This may lead\n to remote code execution.\n\n"
},
{
"lang": "es",
"value": "IP Cameras Zavio CF7500, CF7300, CF7201, CF7501, CB3211, CB3212, CB5220, CB6231, B8520, B8220 y CD321 con versi\u00f3n de firmware M2.1.6.05 son vulnerables a m\u00faltiples instancias de desbordamientos basados en pila. Mientras procesa elementos XML de solicitudes de red entrantes, el producto no verifica ni valida suficientemente el tama\u00f1o del b\u00fafer asignado. Esto puede provocar la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +80,313 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7500_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "D543FC87-52FF-4BC4-BE57-949BB23D88AD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30F595D2-3CB4-4444-A01F-CE38CBE2D0DC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7300_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3FA43E48-E3D0-4913-9040-BF11D9E61385"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B008EE1F-5B08-417A-8206-20F1362DB911"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7201_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "7A6E3CDA-3C8B-4894-A42A-CFC5AA077047"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5240BE7-31E4-4A40-A480-E744E3CAEA3A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cf7501_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "5CF6549F-9E86-4B45-8B60-BB62BEB72B19"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cf7501:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9285F916-50BE-4E41-8EF3-97D882B54CD6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb3211_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "3F7DBB50-D334-493F-B661-04C798383D29"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb3211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C32A113-76F5-4EBD-BD15-EFBB17F0942C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb3212_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "883549EB-5A5B-437E-8B10-D7C691142B92"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb3212:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC86EF14-298F-414E-8558-1D025CDF6057"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb5220_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "C43C9ED3-167E-4424-841E-50A56FF398F0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb5220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AFEC44B0-C2C7-4306-91CA-AA841B23498D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cb6231_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8483A6-426F-4595-8B7F-1FC04E9B31FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cb6231:-:*:*:*:*:*:*:*",
"matchCriteriaId": "766018BD-DD32-420A-9511-D97D9DE46BBA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:b8520_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "779DE260-60AA-465E-957D-B7502E806863"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:b8520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F60E1FE1-F2E8-4BF7-A33D-4ED4D72BF360"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:b8220_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99AC7EEC-C4A5-4F79-9608-D02E29356217"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:b8220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8623A941-0514-49BD-967D-E347F6F99329"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:zavio:cd321_firmware:m2.1.6.05:*:*:*:*:*:*:*",
"matchCriteriaId": "35DCACBC-6483-4113-BC77-041BE4D692F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:zavio:cd321:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E906053-BE44-45B4-AD08-D7DFCFD5EDF2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-304-03",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

59
CVE-2023/CVE-2023-416xx/CVE-2023-41699.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-41699",
"sourceIdentifier": "769c9ae7-73c3-4e47-ae19-903170fc3eb8",
"published": "2023-11-15T20:15:07.580",
"lastModified": "2023-11-15T20:15:07.580",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "769c9ae7-73c3-4e47-ae19-903170fc3eb8",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "769c9ae7-73c3-4e47-ae19-903170fc3eb8",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%206.2023.11.html",
"source": "769c9ae7-73c3-4e47-ae19-903170fc3eb8"
},
{
"url": "https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.8.0.html",
"source": "769c9ae7-73c3-4e47-ae19-903170fc3eb8"
}
]
}

4
CVE-2023/CVE-2023-453xx/CVE-2023-45319.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45319",
"sourceIdentifier": "security@puppet.com",
"published": "2023-11-08T16:15:10.000",
"lastModified": "2023-11-15T18:31:29.637",
"lastModified": "2023-11-15T20:15:50.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -103,7 +103,7 @@
"url": "https://perforce.com",
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
"Product"
]
}
]

4
CVE-2023/CVE-2023-458xx/CVE-2023-45849.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45849",
"sourceIdentifier": "security@puppet.com",
"published": "2023-11-08T16:15:10.193",
"lastModified": "2023-11-15T18:24:38.817",
"lastModified": "2023-11-15T20:15:38.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -103,7 +103,7 @@
"url": "https://perforce.com",
"source": "security@puppet.com",
"tags": [
"Vendor Advisory"
"Product"
]
}
]

74
CVE-2023/CVE-2023-463xx/CVE-2023-46362.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-46362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-08T21:15:08.633",
"lastModified": "2023-11-09T13:46:19.893",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:49:17.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que jbig2enc v0.28 conten\u00eda un heap-use-after-free a trav\u00e9s de jbig2enc_auto_threshold_using_hash en src/jbig2enc.cc."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jbig2enc_project:jbig2enc:0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB6C453-2F4A-4ED7-B529-879B4527FBE3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/agl/jbig2enc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/agl/jbig2enc/issues/84",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-463xx/CVE-2023-46363.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-46363",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-08T21:15:08.673",
"lastModified": "2023-11-09T13:46:19.893",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:22:31.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que jbig2enc v0.28 conten\u00eda un SEGV a trav\u00e9s de jbig2_add_page en src/jbig2enc.cc:512."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jbig2enc_project:jbig2enc:0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "5BB6C453-2F4A-4ED7-B529-879B4527FBE3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/agl/jbig2enc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/agl/jbig2enc/issues/85",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-467xx/CVE-2023-46777.json
View File

@ -2,15 +2,42 @@
"id": "CVE-2023-46777",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-06T12:15:08.450",
"lastModified": "2023-11-06T13:00:43.923",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T20:21:23.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <=\u00a01.1.3 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Custom Login Page | Temporary Users | Rebrand Login | Login Captcha en versiones &lt;= 1.1.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
@ -23,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:featherplugins:custom_login_page_\\|_temporary_users_\\|_rebrand_login_\\|_login_captcha:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.3",
"matchCriteriaId": "F8BC204B-A647-44B7-ACEB-5863095FC8ED"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/feather-login-page/wordpress-feather-login-page-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-473xx/CVE-2023-47379.json
View File

@ -2,27 +2,92 @@
"id": "CVE-2023-47379",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-08T17:15:07.937",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T20:12:54.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality."
},
{
"lang": "es",
"value": "Microweber CMS versi\u00f3n 2.0.1 es vulnerable a Cross Site Scripting (XSS) almacenado a trav\u00e9s de la funcionalidad de subida de archivos de imagen de perfil."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microweber:microweber:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "70DDD302-ABA6-4C33-96CF-414B2C9D3027"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/microweber/microweber/blob/master/CHANGELOG.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://www.getastra.com/blog/security-audit/stored-xss-vulnerability/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-476xx/CVE-2023-47636.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-47636",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-15T20:15:07.803",
"lastModified": "2023-11-15T20:15:07.803",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view. In the case of pimcore, the fopen() function here doesn't have an error handle when the file doesn't exist on the server so the server response raises the full path \"fopen(/var/www/html/var/tmp/export-{ uniqe id}.csv)\". This issue has been patched in commit `10d178ef771` which has been included in release version 1.2.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/commit/10d178ef771097604a256c1192b098af9ec57a87",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-c8hj-w239-5gvf",
"source": "security-advisories@github.com"
},
{
"url": "https://huntr.com/bounties/4af4db18-9fd4-43e9-8bc6-c88aaf76839c/",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-476xx/CVE-2023-47637.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-47637",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-15T20:15:08.013",
"lastModified": "2023-11-15T20:15:08.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Pimcore is an Open Source Data & Experience Management Platform. In affected versions the `/admin/object/grid-proxy` endpoint calls `getFilterCondition()` on fields of classes to be filtered for, passing input from the request, and later executes the returned SQL. One implementation of `getFilterCondition()` is in `Multiselect`, which does not normalize/escape/validate the passed value. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. This vulnerability has been addressed in version 11.1.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/blob/bba7c7419cb1f06d5fd98781eab4d6995e4e5dca/src/Helper/GridHelperService.php#L311",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/pimcore/commit/d164d99c90f098d0ccd6b72929c48b727e2953a0",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-72hh-xf79-429p",
"source": "security-advisories@github.com"
}
]
}

7
CVE-2023/CVE-2023-47xx/CVE-2023-4759.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4759",
"sourceIdentifier": "emo@eclipse.org",
"published": "2023-09-12T10:15:29.977",
"lastModified": "2023-09-18T13:54:11.407",
"lastModified": "2023-11-15T19:35:44.150",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -98,9 +98,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eclipse:jgit:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6.0",
"versionEndExcluding": "6.6.1.202309021850",
"matchCriteriaId": "265F20F2-D498-42D8-AD89-3863FFAC0800"
"versionEndExcluding": "6.6.0.202305301015",
"matchCriteriaId": "CC9513AB-BC74-4B00-8BEF-AA317489848E"
},
{
"vulnerable": true,

24
CVE-2023/CVE-2023-480xx/CVE-2023-48011.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-48011",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-15T19:15:07.693",
"lastModified": "2023-11-15T19:15:07.693",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gpac/gpac/commit/c70f49dda4946d6db6aa55588f6a756b76bd84ea",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/gpac/gpac/issues/2611",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-480xx/CVE-2023-48013.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-48013",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-15T19:15:07.753",
"lastModified": "2023-11-15T19:15:07.753",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a double free via the gf_filterpacket_del function at /gpac/src/filter_core/filter.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gpac/gpac/commit/cd8a95c1efb8f5bfc950b86c2ef77b4c76f6b893",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/gpac/gpac/issues/2612",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-480xx/CVE-2023-48014.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-48014",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-15T19:15:07.803",
"lastModified": "2023-11-15T19:15:07.803",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a stack overflow via the hevc_parse_vps_extension function at /media_tools/av_parsers.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gpac/gpac/commit/66abf0887c89c29a484d9e65e70882794e9e3a1b",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/gpac/gpac/issues/2613",
"source": "cve@mitre.org"
}
]
}

63
CVE-2023/CVE-2023-482xx/CVE-2023-48219.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-48219",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-15T19:15:07.857",
"lastModified": "2023-11-15T19:15:07.857",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TinyMCE is an open source rich text editor. A mutation cross-site scripting (mXSS) vulnerability was discovered in TinyMCE\u2019s core undo/redo functionality and other APIs and plugins. Text nodes within specific parents are not escaped upon serialization according to the HTML standard. If such text nodes contain a special character reserved as an internal marker, they can be combined with other HTML patterns to form malicious snippets. These snippets pass the initial sanitisation layer when the content is parsed into the editor body, but can trigger XSS when the special internal marker is removed from the content and re-parsed. his vulnerability has been patched in TinyMCE versions 6.7.3 and 5.10.9. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-v626-r774-j7f8",
"source": "security-advisories@github.com"
},
{
"url": "https://tiny.cloud/docs/release-notes/release-notes5109/",
"source": "security-advisories@github.com"
},
{
"url": "https://tiny.cloud/docs/tinymce/6/6.7.3-release-notes/",
"source": "security-advisories@github.com"
}
]
}

61
CVE-2023/CVE-2023-57xx/CVE-2023-5759.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-5759",
"sourceIdentifier": "security@puppet.com",
"published": "2023-11-08T16:15:11.253",
"lastModified": "2023-11-08T17:25:02.317",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T20:17:01.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason Geffner. \u00a0\n"
},
{
"lang": "es",
"value": "En las versiones de Helix Core anteriores a 2023.2, se identific\u00f3 una Denegaci\u00f3n de Servicio (DoS) remota no autenticada a trav\u00e9s del b\u00fafer. Reportado por Jason Geffner."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@puppet.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@puppet.com",
"type": "Secondary",
@ -46,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:perforce:helix_core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.2",
"matchCriteriaId": "A3D3C9B0-BDEA-4021-A6E5-22584345FD82"
}
]
}
]
}
],
"references": [
{
"url": "https://perforce.com",
"source": "security@puppet.com"
"source": "security@puppet.com",
"tags": [
"Product"
]
}
]
}

64
CVE-2023/CVE-2023-60xx/CVE-2023-6069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6069",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-11-10T01:15:07.623",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-15T19:05:02.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -39,6 +61,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
@ -50,14 +82,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:froxlor:froxlor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.0",
"matchCriteriaId": "3198109A-4339-43E3-AC82-0C238676EE5A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/froxlor/froxlor/commit/9e8f32f1e86016733b603b50c31b97f472e8dabc",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.com/bounties/aac0627e-e59d-476e-9385-edb7ff53758c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
}
]
}

74
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-15T19:00:18.474903+00:00
2023-11-15T21:00:18.073656+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-15T19:00:02.927000+00:00
2023-11-15T20:49:17.243000+00:00
```
### Last Data Feed Release
@ -29,49 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
230855
230864
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `9`
* [CVE-2023-33873](CVE-2023/CVE-2023-338xx/CVE-2023-33873.json) (`2023-11-15T17:15:41.313`)
* [CVE-2023-34982](CVE-2023/CVE-2023-349xx/CVE-2023-34982.json) (`2023-11-15T17:15:41.563`)
* [CVE-2023-6079](CVE-2023/CVE-2023-60xx/CVE-2023-6079.json) (`2023-11-15T17:15:41.840`)
* [CVE-2023-5997](CVE-2023/CVE-2023-59xx/CVE-2023-5997.json) (`2023-11-15T18:15:06.873`)
* [CVE-2023-6112](CVE-2023/CVE-2023-61xx/CVE-2023-6112.json) (`2023-11-15T18:15:06.933`)
* [CVE-2023-48011](CVE-2023/CVE-2023-480xx/CVE-2023-48011.json) (`2023-11-15T19:15:07.693`)
* [CVE-2023-48013](CVE-2023/CVE-2023-480xx/CVE-2023-48013.json) (`2023-11-15T19:15:07.753`)
* [CVE-2023-48014](CVE-2023/CVE-2023-480xx/CVE-2023-48014.json) (`2023-11-15T19:15:07.803`)
* [CVE-2023-48219](CVE-2023/CVE-2023-482xx/CVE-2023-48219.json) (`2023-11-15T19:15:07.857`)
* [CVE-2023-22818](CVE-2023/CVE-2023-228xx/CVE-2023-22818.json) (`2023-11-15T20:15:07.157`)
* [CVE-2023-30954](CVE-2023/CVE-2023-309xx/CVE-2023-30954.json) (`2023-11-15T20:15:07.380`)
* [CVE-2023-41699](CVE-2023/CVE-2023-416xx/CVE-2023-41699.json) (`2023-11-15T20:15:07.580`)
* [CVE-2023-47636](CVE-2023/CVE-2023-476xx/CVE-2023-47636.json) (`2023-11-15T20:15:07.803`)
* [CVE-2023-47637](CVE-2023/CVE-2023-476xx/CVE-2023-47637.json) (`2023-11-15T20:15:08.013`)
### CVEs modified in the last Commit
Recently modified CVEs: `50`
Recently modified CVEs: `58`
* [CVE-2023-31086](CVE-2023/CVE-2023-310xx/CVE-2023-31086.json) (`2023-11-15T17:49:30.480`)
* [CVE-2023-36024](CVE-2023/CVE-2023-360xx/CVE-2023-36024.json) (`2023-11-15T17:49:38.517`)
* [CVE-2023-45849](CVE-2023/CVE-2023-458xx/CVE-2023-45849.json) (`2023-11-15T18:24:38.817`)
* [CVE-2023-45319](CVE-2023/CVE-2023-453xx/CVE-2023-45319.json) (`2023-11-15T18:31:29.637`)
* [CVE-2023-47397](CVE-2023/CVE-2023-473xx/CVE-2023-47397.json) (`2023-11-15T18:36:36.873`)
* [CVE-2023-22719](CVE-2023/CVE-2023-227xx/CVE-2023-22719.json) (`2023-11-15T18:40:21.427`)
* [CVE-2023-5136](CVE-2023/CVE-2023-51xx/CVE-2023-5136.json) (`2023-11-15T18:42:41.643`)
* [CVE-2023-23678](CVE-2023/CVE-2023-236xx/CVE-2023-23678.json) (`2023-11-15T18:43:43.703`)
* [CVE-2023-46642](CVE-2023/CVE-2023-466xx/CVE-2023-46642.json) (`2023-11-15T18:45:53.883`)
* [CVE-2023-23796](CVE-2023/CVE-2023-237xx/CVE-2023-23796.json) (`2023-11-15T18:47:20.180`)
* [CVE-2023-25983](CVE-2023/CVE-2023-259xx/CVE-2023-25983.json) (`2023-11-15T18:47:31.797`)
* [CVE-2023-36527](CVE-2023/CVE-2023-365xx/CVE-2023-36527.json) (`2023-11-15T18:47:49.703`)
* [CVE-2023-32602](CVE-2023/CVE-2023-326xx/CVE-2023-32602.json) (`2023-11-15T18:49:21.803`)
* [CVE-2023-34025](CVE-2023/CVE-2023-340xx/CVE-2023-34025.json) (`2023-11-15T18:51:23.390`)
* [CVE-2023-34024](CVE-2023/CVE-2023-340xx/CVE-2023-34024.json) (`2023-11-15T18:51:36.880`)
* [CVE-2023-32794](CVE-2023/CVE-2023-327xx/CVE-2023-32794.json) (`2023-11-15T18:51:46.473`)
* [CVE-2023-32745](CVE-2023/CVE-2023-327xx/CVE-2023-32745.json) (`2023-11-15T18:51:55.497`)
* [CVE-2023-32744](CVE-2023/CVE-2023-327xx/CVE-2023-32744.json) (`2023-11-15T18:52:04.750`)
* [CVE-2023-32739](CVE-2023/CVE-2023-327xx/CVE-2023-32739.json) (`2023-11-15T18:53:54.840`)
* [CVE-2023-31078](CVE-2023/CVE-2023-310xx/CVE-2023-31078.json) (`2023-11-15T18:54:15.437`)
* [CVE-2023-36667](CVE-2023/CVE-2023-366xx/CVE-2023-36667.json) (`2023-11-15T18:55:06.793`)
* [CVE-2023-30478](CVE-2023/CVE-2023-304xx/CVE-2023-30478.json) (`2023-11-15T18:57:55.753`)
* [CVE-2023-29440](CVE-2023/CVE-2023-294xx/CVE-2023-29440.json) (`2023-11-15T18:58:06.763`)
* [CVE-2023-29428](CVE-2023/CVE-2023-294xx/CVE-2023-29428.json) (`2023-11-15T18:59:05.663`)
* [CVE-2023-29426](CVE-2023/CVE-2023-294xx/CVE-2023-29426.json) (`2023-11-15T19:00:02.927`)
* [CVE-2022-0861](CVE-2022/CVE-2022-08xx/CVE-2022-0861.json) (`2023-11-15T20:23:19.523`)
* [CVE-2022-0842](CVE-2022/CVE-2022-08xx/CVE-2022-0842.json) (`2023-11-15T20:24:37.953`)
* [CVE-2023-32579](CVE-2023/CVE-2023-325xx/CVE-2023-32579.json) (`2023-11-15T19:00:31.357`)
* [CVE-2023-34031](CVE-2023/CVE-2023-340xx/CVE-2023-34031.json) (`2023-11-15T19:01:59.513`)
* [CVE-2023-6069](CVE-2023/CVE-2023-60xx/CVE-2023-6069.json) (`2023-11-15T19:05:02.740`)
* [CVE-2023-28495](CVE-2023/CVE-2023-284xx/CVE-2023-28495.json) (`2023-11-15T19:05:14.223`)
* [CVE-2023-28497](CVE-2023/CVE-2023-284xx/CVE-2023-28497.json) (`2023-11-15T19:06:34.483`)
* [CVE-2023-28498](CVE-2023/CVE-2023-284xx/CVE-2023-28498.json) (`2023-11-15T19:09:32.613`)
* [CVE-2023-27436](CVE-2023/CVE-2023-274xx/CVE-2023-27436.json) (`2023-11-15T19:09:41.087`)
* [CVE-2023-27438](CVE-2023/CVE-2023-274xx/CVE-2023-27438.json) (`2023-11-15T19:12:13.987`)
* [CVE-2023-20273](CVE-2023/CVE-2023-202xx/CVE-2023-20273.json) (`2023-11-15T19:13:12.563`)
* [CVE-2023-27441](CVE-2023/CVE-2023-274xx/CVE-2023-27441.json) (`2023-11-15T19:15:28.277`)
* [CVE-2023-27445](CVE-2023/CVE-2023-274xx/CVE-2023-27445.json) (`2023-11-15T19:18:33.467`)
* [CVE-2023-46363](CVE-2023/CVE-2023-463xx/CVE-2023-46363.json) (`2023-11-15T19:22:31.510`)
* [CVE-2023-20198](CVE-2023/CVE-2023-201xx/CVE-2023-20198.json) (`2023-11-15T19:29:03.473`)
* [CVE-2023-4759](CVE-2023/CVE-2023-47xx/CVE-2023-4759.json) (`2023-11-15T19:35:44.150`)
* [CVE-2023-46362](CVE-2023/CVE-2023-463xx/CVE-2023-46362.json) (`2023-11-15T19:49:17.137`)
* [CVE-2023-47379](CVE-2023/CVE-2023-473xx/CVE-2023-47379.json) (`2023-11-15T20:12:54.297`)
* [CVE-2023-45849](CVE-2023/CVE-2023-458xx/CVE-2023-45849.json) (`2023-11-15T20:15:38.037`)
* [CVE-2023-45319](CVE-2023/CVE-2023-453xx/CVE-2023-45319.json) (`2023-11-15T20:15:50.193`)
* [CVE-2023-5759](CVE-2023/CVE-2023-57xx/CVE-2023-5759.json) (`2023-11-15T20:17:01.213`)
* [CVE-2023-46777](CVE-2023/CVE-2023-467xx/CVE-2023-46777.json) (`2023-11-15T20:21:23.860`)
* [CVE-2023-39284](CVE-2023/CVE-2023-392xx/CVE-2023-39284.json) (`2023-11-15T20:32:55.707`)
* [CVE-2023-3959](CVE-2023/CVE-2023-39xx/CVE-2023-3959.json) (`2023-11-15T20:44:58.910`)
* [CVE-2023-39435](CVE-2023/CVE-2023-394xx/CVE-2023-39435.json) (`2023-11-15T20:47:32.743`)
## Download and Usage