admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-02T02:00:25.344614+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-02 02:00:29 +00:00
parent 34145ab193
commit 2fb50e4654
21 changed files with 698 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
CVE-2015/CVE-2015-101xx/CVE-2015-10110.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2015-10110",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T00:15:09.303",
"lastModified": "2023-06-02T00:38:44.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ruddernation TinyChat Room Spy Plugin up to 1.2.8 on WordPress. This vulnerability affects the function wp_show_room_spy of the file room-spy.php. The manipulation of the argument room leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.2.9 is able to address this issue. The name of the patch is ab72627a963d61fb3bc31018e3855b08dc94a979. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-230392."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/tinychat-roomspy/commit/ab72627a963d61fb3bc31018e3855b08dc94a979",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.230392",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.230392",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2016/CVE-2016-150xx/CVE-2016-15032.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2016-15032",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T00:15:09.443",
"lastModified": "2023-06-02T00:38:44.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as problematic has been found in mback2k mh_httpbl Extension up to 1.1.7 on TYPO3. This affects the function stopOutput of the file class.tx_mhhttpbl.php. The manipulation of the argument $_SERVER['REMOTE_ADDR'] leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.1.8 is able to address this issue. The name of the patch is a754bf306a433a8c18b55e25595593e8f19b9463. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230391. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/mback2k/mh_httpbl/commit/a754bf306a433a8c18b55e25595593e8f19b9463",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/mback2k/mh_httpbl/releases/tag/mh_httpbl_1.1.8_security",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.230391",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.230391",
"source": "cna@vuldb.com"
}
]
}

47
CVE-2022/CVE-2022-339xx/CVE-2022-33974.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-33974",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-29T01:15:11.597",
"lastModified": "2023-05-30T12:52:56.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:35:05.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smashballoon:custom_twitter_feeds:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.4",
"matchCriteriaId": "046D35BC-0981-4932-9DFF-B54F08E212DF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-twitter-feeds/wordpress-custom-twitter-feeds-plugin-1-8-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2022/CVE-2022-453xx/CVE-2022-45372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45372",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-29T01:15:11.800",
"lastModified": "2023-05-30T12:52:56.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:36:38.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codeixer:product_gallery_slider_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2.8",
"matchCriteriaId": "8E8AFC35-713B-42BD-B2E0-28FC1CE64D0F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-product-gallery-slider/wordpress-product-gallery-slider-for-woocommerce-plugin-2-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-208xx/CVE-2023-20882.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-20882",
"sourceIdentifier": "security@vmware.com",
"published": "2023-05-26T17:15:13.897",
"lastModified": "2023-05-26T17:15:13.897",
"vulnStatus": "Received",
"lastModified": "2023-06-02T01:16:41.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Cloud foundry routing release versions from 0.262.0 and prior to 0.266.0,a bug in the gorouter process can lead to a denial of service of applications hosted on Cloud Foundry. Under the right circumstances, when client connections are closed prematurely, gorouter marks the currently selected backend as failed and removes it from the routing pool."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@vmware.com",
"type": "Secondary",
@ -23,10 +56,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudfoundry:cf-deployment:*:*:*:*:*:*:*:*",
"versionStartIncluding": "27.4.0",
"versionEndExcluding": "29.0.0",
"matchCriteriaId": "7FA1D9E5-EDBA-45DF-9F59-CEA6C67F8116"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cloudfoundry:routing_release:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.262.0",
"versionEndExcluding": "0.266.0",
"matchCriteriaId": "928D2E4F-2AD3-4339-8283-87F8075552AE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cloudfoundry.org/blog/cve-2023-20882-gorouter-pruning-via-client-disconnect-resulting-in-dos/",
"source": "security@vmware.com"
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-273xx/CVE-2023-27311.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-27311",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2023-05-26T22:15:14.680",
"lastModified": "2023-05-28T02:28:04.970",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:09:44.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "NetApp Blue XP Connector versions prior to 3.9.25 expose information via a directory listing. A new Connector architecture resolves this issue - obtaining the fix requires redeploying a fresh Connector."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:blue_xp_connector:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.9.25",
"matchCriteriaId": "734E3EB5-3590-4E71-9994-6D0F6C875EDB"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230525-0001/",
"source": "security-alert@netapp.com"
"source": "security-alert@netapp.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-276xx/CVE-2023-27639.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27639",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T21:15:09.260",
"lastModified": "2023-06-01T21:15:09.260",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-276xx/CVE-2023-27640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27640",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T21:15:09.313",
"lastModified": "2023-06-01T21:15:09.313",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2023/CVE-2023-281xx/CVE-2023-28147.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-28147",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T00:15:09.620",
"lastModified": "2023-06-02T00:38:44.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to gain access to already freed memory. This affects Midgard r29p0 through r32p0, Bifrost r17p0 through r42p0 before r43p0, Valhall r19p0 through r42p0 before r43p0, and Arm's GPU Architecture Gen5 r41p0 through r42p0 before r43p0."
}
],
"metrics": {},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities",
"source": "cve@mitre.org"
}
]
}

66
CVE-2023/CVE-2023-28xx/CVE-2023-2898.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-2898",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T22:15:14.727",
"lastModified": "2023-05-28T02:28:04.970",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:07:31.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/linux-f2fs-devel/20230522124203.3838360-1-chao@kernel.org/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

4
CVE-2023/CVE-2023-297xx/CVE-2023-29722.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29722",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T21:15:09.360",
"lastModified": "2023-06-01T21:15:09.360",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-297xx/CVE-2023-29723.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29723",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T21:15:09.407",
"lastModified": "2023-06-01T21:15:09.407",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-297xx/CVE-2023-29736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29736",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T21:15:09.450",
"lastModified": "2023-06-01T21:15:09.450",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-323xx/CVE-2023-32324.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32324",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-01T17:15:09.873",
"lastModified": "2023-06-01T17:29:59.710",
"lastModified": "2023-06-02T00:15:09.673",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-cxc6-w2g7-69p7",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00001.html",
"source": "security-advisories@github.com"
}
]
}

47
CVE-2023/CVE-2023-333xx/CVE-2023-33313.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33313",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-28T19:15:09.503",
"lastModified": "2023-05-30T12:52:56.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:32:28.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themeinprogress:wip_custom_login:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.0",
"matchCriteriaId": "D8BA1DC0-CBCD-40B8-97D6-6967034E4AD0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wip-custom-login/wordpress-wip-custom-login-plugin-1-2-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-333xx/CVE-2023-33326.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33326",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-28T18:15:09.847",
"lastModified": "2023-05-28T18:32:54.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:22:23.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:theeventprime:eventprime:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "34B230EF-2DB7-4FD1-ACD1-8303739A90F7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/eventprime-event-calendar-management/wordpress-eventprime-plugin-2-8-6-reflected-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-333xx/CVE-2023-33328.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33328",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-28T18:15:09.920",
"lastModified": "2023-05-28T18:32:54.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:26:33.810",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginops:mailchimp_subscribe_form:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.9.2",
"matchCriteriaId": "7AB3A609-90B1-4DEA-966B-B894939FA784"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mailchimp-subscribe-sm/wordpress-pluginops-optin-builder-plugin-4-0-9-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-337xx/CVE-2023-33754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33754",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T20:15:09.467",
"lastModified": "2023-06-01T20:15:09.467",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-337xx/CVE-2023-33764.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33764",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-01T20:15:09.523",
"lastModified": "2023-06-01T20:15:09.523",
"vulnStatus": "Received",
"lastModified": "2023-06-02T00:07:04.253",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-339xx/CVE-2023-33931.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33931",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-28T18:15:09.997",
"lastModified": "2023-05-28T18:32:54.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-02T01:31:13.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getbutterfly:youtube_playlist_player:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.6.5",
"matchCriteriaId": "85025D64-DCC8-437F-8B42-A1DCB78DCB09"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/youtube-playlist-player/wordpress-youtube-playlist-player-plugin-4-6-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

50
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-01T22:00:26.901997+00:00
2023-06-02T02:00:25.344614+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-01T21:15:09.450000+00:00
2023-06-02T01:36:38.963000+00:00
```
### Last Data Feed Release
@ -23,43 +23,45 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-06-01T00:00:13.536650+00:00
2023-06-02T00:00:13.581584+00:00
```
### Total Number of included CVEs
```plain
216652
216655
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `3`
* [CVE-2023-33754](CVE-2023/CVE-2023-337xx/CVE-2023-33754.json) (`2023-06-01T20:15:09.467`)
* [CVE-2023-33764](CVE-2023/CVE-2023-337xx/CVE-2023-33764.json) (`2023-06-01T20:15:09.523`)
* [CVE-2023-27639](CVE-2023/CVE-2023-276xx/CVE-2023-27639.json) (`2023-06-01T21:15:09.260`)
* [CVE-2023-27640](CVE-2023/CVE-2023-276xx/CVE-2023-27640.json) (`2023-06-01T21:15:09.313`)
* [CVE-2023-29722](CVE-2023/CVE-2023-297xx/CVE-2023-29722.json) (`2023-06-01T21:15:09.360`)
* [CVE-2023-29723](CVE-2023/CVE-2023-297xx/CVE-2023-29723.json) (`2023-06-01T21:15:09.407`)
* [CVE-2023-29736](CVE-2023/CVE-2023-297xx/CVE-2023-29736.json) (`2023-06-01T21:15:09.450`)
* [CVE-2015-10110](CVE-2015/CVE-2015-101xx/CVE-2015-10110.json) (`2023-06-02T00:15:09.303`)
* [CVE-2016-15032](CVE-2016/CVE-2016-150xx/CVE-2016-15032.json) (`2023-06-02T00:15:09.443`)
* [CVE-2023-28147](CVE-2023/CVE-2023-281xx/CVE-2023-28147.json) (`2023-06-02T00:15:09.620`)
### CVEs modified in the last Commit
Recently modified CVEs: `11`
Recently modified CVEs: `17`
* [CVE-2021-25748](CVE-2021/CVE-2021-257xx/CVE-2021-25748.json) (`2023-06-01T20:44:14.080`)
* [CVE-2022-23121](CVE-2022/CVE-2022-231xx/CVE-2022-23121.json) (`2023-06-01T20:15:09.343`)
* [CVE-2023-34339](CVE-2023/CVE-2023-343xx/CVE-2023-34339.json) (`2023-06-01T20:11:35.947`)
* [CVE-2023-2868](CVE-2023/CVE-2023-28xx/CVE-2023-2868.json) (`2023-06-01T20:14:55.053`)
* [CVE-2023-24603](CVE-2023/CVE-2023-246xx/CVE-2023-24603.json) (`2023-06-01T20:23:11.647`)
* [CVE-2023-24604](CVE-2023/CVE-2023-246xx/CVE-2023-24604.json) (`2023-06-01T20:25:08.497`)
* [CVE-2023-26215](CVE-2023/CVE-2023-262xx/CVE-2023-26215.json) (`2023-06-01T20:34:27.187`)
* [CVE-2023-30851](CVE-2023/CVE-2023-308xx/CVE-2023-30851.json) (`2023-06-01T20:35:42.710`)
* [CVE-2023-26216](CVE-2023/CVE-2023-262xx/CVE-2023-26216.json) (`2023-06-01T20:43:56.717`)
* [CVE-2023-23694](CVE-2023/CVE-2023-236xx/CVE-2023-23694.json) (`2023-06-01T20:44:36.253`)
* [CVE-2023-23693](CVE-2023/CVE-2023-236xx/CVE-2023-23693.json) (`2023-06-01T20:44:56.407`)
* [CVE-2022-33974](CVE-2022/CVE-2022-339xx/CVE-2022-33974.json) (`2023-06-02T01:35:05.423`)
* [CVE-2022-45372](CVE-2022/CVE-2022-453xx/CVE-2022-45372.json) (`2023-06-02T01:36:38.963`)
* [CVE-2023-33754](CVE-2023/CVE-2023-337xx/CVE-2023-33754.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-33764](CVE-2023/CVE-2023-337xx/CVE-2023-33764.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-27639](CVE-2023/CVE-2023-276xx/CVE-2023-27639.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-27640](CVE-2023/CVE-2023-276xx/CVE-2023-27640.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-29722](CVE-2023/CVE-2023-297xx/CVE-2023-29722.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-29723](CVE-2023/CVE-2023-297xx/CVE-2023-29723.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-29736](CVE-2023/CVE-2023-297xx/CVE-2023-29736.json) (`2023-06-02T00:07:04.253`)
* [CVE-2023-32324](CVE-2023/CVE-2023-323xx/CVE-2023-32324.json) (`2023-06-02T00:15:09.673`)
* [CVE-2023-2898](CVE-2023/CVE-2023-28xx/CVE-2023-2898.json) (`2023-06-02T01:07:31.837`)
* [CVE-2023-27311](CVE-2023/CVE-2023-273xx/CVE-2023-27311.json) (`2023-06-02T01:09:44.267`)
* [CVE-2023-20882](CVE-2023/CVE-2023-208xx/CVE-2023-20882.json) (`2023-06-02T01:16:41.457`)
* [CVE-2023-33326](CVE-2023/CVE-2023-333xx/CVE-2023-33326.json) (`2023-06-02T01:22:23.857`)
* [CVE-2023-33328](CVE-2023/CVE-2023-333xx/CVE-2023-33328.json) (`2023-06-02T01:26:33.810`)
* [CVE-2023-33931](CVE-2023/CVE-2023-339xx/CVE-2023-33931.json) (`2023-06-02T01:31:13.207`)
* [CVE-2023-33313](CVE-2023/CVE-2023-333xx/CVE-2023-33313.json) (`2023-06-02T01:32:28.260`)
## Download and Usage